CVE-2024-39273
Published: 14 January 2025
Description
A firmware update vulnerability exists in the fw_check.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary firmware update. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
Security Summary
CVE-2024-39273 is a firmware update vulnerability in the fw_check.sh functionality of the Wavlink AC3000 router running firmware version M33A8.V5030.210505. The issue allows a specially crafted HTTP request to enable arbitrary firmware updates, stemming from missing authentication for a critical function (CWE-306). It carries a CVSS v3.1 base score of 9.0 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H), indicating critical severity with network accessibility, high attack complexity, no privileges or user interaction required, and scope change with high impacts across confidentiality, integrity, and availability.
An unauthenticated remote attacker can exploit this vulnerability via a man-in-the-middle (MITM) attack by intercepting and altering HTTP traffic to the device. Successful exploitation enables the attacker to perform arbitrary firmware updates, potentially allowing full device compromise, such as installing malicious firmware for persistent control or further network attacks.
Mitigation details are available in the Talos Intelligence advisory (TALOS-2024-2037) at https://talosintelligence.com/vulnerability_reports/TALOS-2024-2037.
Details
- CWE(s)