Arbitrary Web Scripts or HTML Execution Vulnerability in MEX605 v2.00.06
CVE-2024-33792

Currently unrated

Key Information:

Vendor: netis-systems
Vendor: CVE Published:; 3 May 2024

What is CVE-2024-33792?

The vulnerability in Netis Systems MEX605 version 2.00.06 allows attackers to execute arbitrary operating system commands through a specially crafted payload sent to the tracert page. This exploitation can lead to unauthorized access and manipulation of the device, highlighting the risks associated with insufficient input validation and the potential for attackers to control essential network functions. Protecting against this vulnerability requires proper security measures, including firmware updates and network segmentation to minimize exposure.

References

https://github.com/ymkyu/CVE/tree/main/CVE-2024-33792

Timeline

Vulnerability published
May 3, 2024

netis-systems

What is CVE-2024-33792?

References

Timeline