CVE-2024-51254

Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)

Published: Oct 31, 2024 / Updated: 19d ago

CVSS 8.8 (High) / EPSS 0.04%

Summary

DrayTek Vigor3900 version 1.5.1.3 is vulnerable to command injection. Attackers can inject malicious commands into the mainfunction.cgi file and execute arbitrary commands by exploiting the sign_cacertificate function. This vulnerability is classified as a Command Injection (CWE-77) issue, which involves improper neutralization of special elements used in a command.

Impact

The impact of this vulnerability is severe. Successful exploitation could allow an attacker to execute arbitrary commands on the affected DrayTek Vigor3900 devices. This could lead to complete system compromise, including:

1. Unauthorized access to sensitive information (high confidentiality impact)
2. Modification or destruction of data (high integrity impact)
3. Disruption of system availability (high availability impact)

The attack vector is adjacent network, meaning the attacker needs to be on a network adjacent to the target system, but no user interaction is required for the attack to succeed. The attack complexity is low, indicating that the vulnerability is relatively easy to exploit once an attacker has access to the adjacent network.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

As of the current information provided, there is no mention of an available patch for this vulnerability. DrayTek should be contacted for the latest security updates or patches for the Vigor3900 devices running version 1.5.1.3.

Mitigation

Given the severity of this vulnerability and the absence of a confirmed patch, the following mitigation steps are recommended:

1. Isolate affected DrayTek Vigor3900 devices from untrusted networks to minimize the risk of exploitation from adjacent networks.
2. Implement strong network segmentation to limit potential attacker access to the vulnerable devices.
3. Monitor for any suspicious activities or unauthorized command executions on the affected devices.
4. Regularly check for and apply any security updates or patches released by DrayTek for the Vigor3900.
5. Consider upgrading to a newer, unaffected version of the firmware if available.
6. Implement additional security controls such as Web Application Firewalls (WAF) or Intrusion Prevention Systems (IPS) to help detect and prevent command injection attempts.
7. Conduct a thorough security assessment of the affected devices and their configurations to identify any potential misconfigurations or additional vulnerabilities.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment
NVD published the first details for CVE-2024-51254
Oct 31, 2024 at 2:15 PM

First Article
Feedly found the first article mentioning CVE-2024-51254.
Oct 31, 2024 at 2:24 PM / National Vulnerability Database

CVSS Estimate
Feedly estimated the CVSS score as HIGH
Oct 31, 2024 at 2:24 PM

CVSS
A CVSS base score of 8.8 has been assigned.
Oct 31, 2024 at 3:41 PM / nvd

EPSS
EPSS Score was set to: 0.04% (Percentile: 9.9%)
Nov 1, 2024 at 9:55 AM

Affected Systems

Draytek/vigor3900

Attack Patterns

CAPEC-136: LDAP Injection
