CVE-2024-57174
Published: 05 March 2025
Description
Adversaries may acquire domains that can be used during targeting.
Security Summary
CVE-2024-57174 is a misconfiguration vulnerability in Alphion ASEE-1443 Firmware version 0.4.H.00.02.15, where a previously unregistered domain name is defined as the default DNS suffix. This flaw affects Alphion routers running this specific firmware, enabling potential domain hijacking due to the unclaimed nature of the domain.
Attackers with low privileges (PR:L) and network access (AV:N) can exploit this vulnerability with low complexity (AC:L) and no user interaction (UI:N). By registering the unclaimed domain and configuring its wildcard DNS entry to point to an attacker-controlled IP address, they can achieve high confidentiality (C:H) and integrity (I:H) impacts, such as accessing sensitive information, while availability remains unaffected (A:N). The CVSS v3.1 base score is 8.1.
Advisories and additional details are available in the provided references, including a Medium article on internal domain names and a GitHub repository from BSides SG 2022 documenting the Alphion routers finding. No specific patch or mitigation steps are detailed in the core CVE information.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The misconfiguration exposes an unclaimed domain as the default DNS suffix, directly enabling attackers to register it and control wildcard DNS resolution for hijacking purposes.