Routers Vulnerable to Reboot via Web Application
CVE-2024-31152

7.5HIGH

Key Information:

Vendor: Levelone
Status: Wbr-6012
Vendor: CVE Published:; 30 October 2024

What is CVE-2024-31152?

The LevelOne WBR-6012 router running firmware R0.40e6 is susceptible to a vulnerability that results from improper resource allocation within its web application. Attackers can leverage this weakness by sending a series of specially crafted HTTP requests, potentially leading to unexpected router reboots. Such interruptions can disrupt network services, impacting user connectivity and overall performance. It is crucial for users of the WBR-6012 router to stay informed about this vulnerability and implement necessary security measures.

Affected Version(s)

WBR-6012 R0.40e6

References

https://talosintelligence.com/vulnerability_reports/TALOS...

EPSS Score

7% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 30, 2024
Vulnerability Reserved
Apr 26, 2024

Credit

Discovered by Patrick DeSantis of Cisco Talos.

JSON

Levelone

What is CVE-2024-31152?

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline

Credit