CVE-2024-57228
Published: 10 January 2025
Description
Adversaries may abuse scripting or built-in command line interpreters (CLI) on network devices to execute malicious commands and payloads.
Security Summary
CVE-2024-57228 is a command injection vulnerability (CWE-77) affecting the Linksys E7350 router running firmware version 1.1.00.032. The issue resides in the vif_disable function, where the user-supplied iface parameter is not properly sanitized before use, allowing attackers to inject and execute arbitrary commands.
The vulnerability has a CVSS v3.1 base score of 8.0 (AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating exploitation from an adjacent network with low complexity and low privileges required, and no user interaction needed. A successful attack can grant high-impact unauthorized access, potentially leading to full remote code execution, data compromise, modification of router configurations, or denial of service on the affected device.
References include a GitHub repository detailing a proof-of-concept exploit for the vulnerability in the vif_disable function, but no official vendor advisories or patches are specified in the available information.
Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Command injection vulnerability in the web interface's vif_disable function via iface parameter enables exploitation of a public-facing application (T1190) and facilitates arbitrary command execution on the network device CLI (T1059.008).
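The class of defect described above (an interface name taken from a request parameter and handed to a command interpreter without validation) is usually fixed in two layers: an allowlist check on the name, and passing it as a separate argv element so no shell ever parses it. The following C program is an added illustration of that mitigation, not code from the Linksys firmware or from the referenced proof of concept. It assumes the handler disables an interface by invoking an ifconfig-style tool; the tool name, the 15-character limit (IFNAMSIZ - 1 on Linux) and the sample inputs are assumptions or constructed values, not taken from the page.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define IFACE_MAX 15  /* assumption: IFNAMSIZ - 1 on Linux-based firmware */

/* Allowlist check for a network interface name:
 * 1..15 characters, only letters, digits, '_', '.', '-', and not
 * starting with '-' so the value cannot be read as a command-line option.
 * Returns 1 when the name is acceptable, 0 otherwise. */
int iface_name_is_valid(const char *s)
{
    size_t n, i;
    if (s == NULL)
        return 0;
    n = strnlen(s, IFACE_MAX + 1);
    if (n == 0 || n > IFACE_MAX)
        return 0;
    if (s[0] == '-')
        return 0;
    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!(isalnum(c) || c == '_' || c == '.' || c == '-'))
            return 0;
    }
    return 1;
}

/* The pattern to avoid (shown only as a comment so it is never executed):
 *   snprintf(cmd, sizeof cmd, "ifconfig %s down", iface);
 *   system(cmd);
 * Any shell metacharacter inside iface would be interpreted by /bin/sh.
 *
 * Safer pattern: validate first, then place the name in its own argv slot.
 * The caller hands argv_out to execv()/posix_spawn(), so the name is only
 * ever an argument to the tool and never part of a shell command line.
 * Returns 0 on success, -1 when the name is rejected. */
int vif_disable_argv(const char *iface, const char *argv_out[4])
{
    if (!iface_name_is_valid(iface))
        return -1;
    argv_out[0] = "ifconfig";  /* hypothetical tool; the firmware's real helper is not on the page */
    argv_out[1] = iface;
    argv_out[2] = "down";
    argv_out[3] = NULL;
    return 0;
}

int main(void)
{
    /* Constructed sample inputs: two legitimate names, three that must be rejected. */
    const char *samples[] = { "wlan0", "ath0.1", "wlan0;reboot", "$(id)", "-f" };
    const char *argv[4];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (vif_disable_argv(samples[i], argv) == 0)
            printf("accepted: %-14s -> %s %s %s\n", samples[i], argv[0], argv[1], argv[2]);
        else
            printf("rejected: %s\n", samples[i]);
    }
    return 0;
}
```

The allowlist is deliberately narrow: anything outside the expected character set is rejected rather than escaped, which is simpler to reason about than trying to neutralise every shell metacharacter. Validation alone is not the whole fix; the argv form matters because even a benign-looking name is harmless only if no shell is ever asked to parse it.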