CVE-2024-51258

Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)

Published: Oct 30, 2024 / Updated: 20d ago

CVSS 8.8 (High) / EPSS 0.04%

Summary

DrayTek Vigor3900 version 1.5.1.3 contains a vulnerability that allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doSSLTunnel function. This is a command injection vulnerability, classified under CWE-77 (Improper Neutralization of Special Elements used in a Command).

Impact

The impact of this vulnerability is severe. It allows attackers to execute arbitrary commands on the affected system, potentially leading to complete system compromise, with high impact on confidentiality, integrity, and availability. Attackers could access sensitive information, modify system configurations, or disrupt normal operations of the DrayTek Vigor3900 device. Because the attack vector is network-based, attack complexity is low, and only low privileges are required, it poses a significant risk to affected systems.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation at the moment.

Patch

As of the current information, there is no mention of an available patch. The vulnerability affects DrayTek Vigor3900 version 1.5.1.3, but there's no indication of a fixed version or a patch release from the vendor.

Mitigation

While there's no specific patch mentioned, general mitigation strategies for command injection vulnerabilities should be applied:

1. Implement strong input validation and sanitization for all user-supplied input, especially in mainfunction.cgi and the doSSLTunnel function.
2. Apply the principle of least privilege to limit the potential impact of successful exploits.
3. Use network segmentation to isolate affected DrayTek Vigor3900 devices.
4. Monitor for suspicious activities, particularly unexpected command executions.
5. Keep the DrayTek Vigor3900 firmware up to date and watch for any security advisories from DrayTek regarding this vulnerability.
6. If possible, disable or restrict access to the affected functionality until a patch is available.
7. Implement additional security controls such as Web Application Firewalls (WAF) to help detect and prevent command injection attempts.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment (Oct 30, 2024 at 5:15 PM)
NVD published the first details for CVE-2024-51258.

First Article (Oct 30, 2024 at 5:24 PM / National Vulnerability Database)
Feedly found the first article mentioning CVE-2024-51258.

CVSS Estimate (Oct 30, 2024 at 5:24 PM)
Feedly estimated the CVSS score as HIGH.

CVSS (Oct 30, 2024 at 6:40 PM / nvd)
A CVSS base score of 8.8 has been assigned.

EPSS (Oct 31, 2024 at 10:14 AM)
EPSS Score was set to: 0.04% (Percentile: 9.9%)

Affected Systems

Draytek/vigor3900_firmware

Attack Patterns

CAPEC-136: LDAP Injection

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
