CVE-2024-53939

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 2, 2024
Updated: Dec 3, 2024
CWE ID 78

Summary

CVE-2024-53939 is a critical vulnerability affecting Victure RX1800 WiFi 6 Routers with software EN_V1.0.0_r12_110933 and hardware version 1.0. The vulnerability lies in the /cgi-bin/luci/admin/opsw/Dual_freq_un_apple endpoint, which is susceptible to command injection. An attacker can exploit this weakness by supplying malicious input to the 2.4 GHz and 5 GHz name parameters, enabling them to execute arbitrary commands on the device with root-level permissions. This issue poses a significant risk as it may lead to unauthorized access, data theft, or even system compromise. Users are strongly advised to update their router's firmware to address this vulnerability promptly.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share