CVE-2024-51255

Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)

Published: Oct 31, 2024 / Updated: 19d ago

CVSS 9.8 (Critical) / EPSS 0.04%

Summary

DrayTek Vigor3900 version 1.5.1.3 contains a command injection vulnerability: attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequest_certificate function. The underlying weakness is improper neutralization of special elements used in a command.

Impact

The impact of this vulnerability is severe. Attackers can execute arbitrary commands on the affected DrayTek Vigor3900 devices, potentially leading to complete system compromise. This could result in unauthorized access to sensitive information, modification of system configurations, disruption of services, and potential use of the compromised device as a foothold for further network intrusion. The vulnerability has a high impact on confidentiality, integrity, and availability of the affected system.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation at the moment.

Patch

The available information does not mention a patch. The vulnerability affects DrayTek Vigor3900 version 1.5.1.3, but there is no indication of a fixed version or a patch release from the vendor.

Mitigation

While no specific patch is mentioned, the following mitigation strategies are recommended:

1. Restrict network access to the affected DrayTek Vigor3900 devices, especially from untrusted networks.
2. Implement strong firewall rules to limit incoming traffic to these devices.
3. Monitor logs and network traffic for suspicious activities related to the mainfunction.cgi file or the ruequest_certificate function.
4. If possible, disable or restrict access to the vulnerable function until a patch is available.
5. Regularly check for updates from DrayTek and apply any security patches as soon as they become available.
6. Consider using network segmentation to isolate affected devices from critical network assets.
7. Implement strong input validation and sanitization practices for any user-supplied input to the device.
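An added example (not from the advisory or from DrayTek) of the log monitoring in mitigation step 3: it flags requests to mainfunction.cgi that reference ruequest_certificate and raises the verdict when any parameter carries shell metacharacters. The log line layout, the /cgi-bin/ prefix and the field names action and cn in the sample data are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

TARGET_PATH = "mainfunction.cgi"      # file named in the advisory
TARGET_FUNC = "ruequest_certificate"  # spelled as in the advisory
# Characters a shell treats specially; a certificate request field has no
# legitimate reason to carry them.
SHELL_META = re.compile(r"[;&|`$<>\n\r]")

def classify(line):
    """Return (verdict, src_ip, reasons) for one proxy log line.

    Assumed layout (constructed for this example):
        <timestamp> <src_ip> <method> <url> <url-encoded body or ->
    """
    parts = line.split(" ", 4)
    if len(parts) != 5:
        return ("skip", None, [])
    _, src, _method, url, body = parts
    split = urlsplit(url)
    if not split.path.endswith(TARGET_PATH):
        return ("ignore", src, [])
    # parse_qsl percent-decodes, so encoded metacharacters are caught too.
    params = parse_qsl(split.query, keep_blank_values=True)
    if body.strip() != "-":
        params += parse_qsl(body.strip(), keep_blank_values=True)
    if not any(TARGET_FUNC in value for _, value in params):
        return ("ignore", src, [])
    reasons = [f"{key} contains shell metacharacters"
               for key, value in params if SHELL_META.search(value)]
    return ("alert" if reasons else "review", src, reasons)

def scan(lines):
    """Keep only the lines that call the vulnerable function."""
    results = [classify(line) for line in lines]
    return [r for r in results if r[0] in ("review", "alert")]

# Constructed sample log; field names "action" and "cn" are hypothetical.
SAMPLE_LOG = [
    "2024-11-01T09:00:01Z 10.0.0.5 POST /cgi-bin/mainfunction.cgi action=login&user=admin",
    "2024-11-01T09:00:07Z 10.0.0.5 POST /cgi-bin/mainfunction.cgi action=ruequest_certificate&cn=vpn.example.test",
    "2024-11-01T09:02:13Z 203.0.113.9 POST /cgi-bin/mainfunction.cgi action=ruequest_certificate&cn=a%3Bb",
    "2024-11-01T09:03:00Z 10.0.0.5 GET /index.html -",
]

if __name__ == "__main__":
    for verdict, src, reasons in scan(SAMPLE_LOG):
        print(verdict, src, "; ".join(reasons))
```

A "review" verdict means the function was called with clean-looking input; on a device with no patch available, any such call from an untrusted source address is still worth checking against the access restrictions in steps 1 and 2.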

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment
NVD published the first details for CVE-2024-51255.
Oct 31, 2024 at 4:15 PM

First Article
Feedly found the first article mentioning CVE-2024-51255.
Oct 31, 2024 at 4:24 PM / National Vulnerability Database

CVSS Estimate
Feedly estimated the CVSS score as HIGH.
Oct 31, 2024 at 4:24 PM

CVSS
A CVSS base score of 9.8 has been assigned.
Oct 31, 2024 at 7:40 PM / nvd

EPSS
EPSS Score was set to: 0.04% (Percentile: 9.9%)
Nov 1, 2024 at 9:55 AM

Affected Systems

Draytek/vigor3900

Attack Patterns

CAPEC-136: LDAP Injection

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
