Serial Interface Vulnerability in Digisol Router Could Allow Access to Sensitive Information
CVE-2024-4231

Currently unrated

Key Information:

Vendor: Digisol
Status: Digisol Router Dg-gr1321
Vendor: CVE Published:; 14 May 2024

What is CVE-2024-4231?

This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.

Successful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system.

Affected Version(s)

Digisol Router DG-GR1321 v3.2.02

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOT...

third-party-advisory

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2024
Vulnerability Reserved
Apr 26, 2024

Credit

This vulnerability is discovered by Shravan Singh, Ganesh Bakare and Karan Patel from Redfox Cyber Security Inc, Toronto, Canada.