CVE-2024-48420
Published: 27 January 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2024-48420 is a buffer overflow vulnerability (CWE-120) affecting the Edimax AC1200 Wi-Fi 5 Dual-Band Router model BR-6476AC running firmware version 1.06. The issue resides in the web interface endpoint /goform/getWifiBasic, where insufficient bounds checking on user-supplied input leads to a stack-based buffer overflow. This flaw has a CVSS v3.1 base score of 8.8 (High), reflecting its potential for significant impact.
An attacker with adjacent network access (AV:A), such as from the same local Wi-Fi network, can exploit this vulnerability with low complexity (AC:L), no authentication requirements (PR:N), and no user interaction (UI:N). Successful exploitation allows arbitrary code execution with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), potentially enabling full router compromise, such as persistent access, data theft, or network pivoting.
Mitigation details are outlined in vendor and security advisories, available at http://edimax.com and https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48420.md. Security practitioners should check these resources for firmware patches, workarounds, or updated configurations specific to the BR-6476AC.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The buffer overflow vulnerability in the public-facing web interface (/goform/getWifiBasic) of the Edimax Wi-Fi router enables remote exploitation for potential code execution, directly mapping to T1190: Exploit Public-Facing Application.