Remote Information Disclosure on Netis Wifi Routers
CVE-2024-48455

2.7LOW

Key Information:

Vendor

Netis

Status
Wifi Routers
Vendor
CVE Published:
6 January 2025

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC🟣 EPSS 63%

What is CVE-2024-48455?

A vulnerability has been identified in select Netis Wifi routers that allows a remote attacker to exploit specific parameters within the skk_get.cgi component. This exploitation could potentially lead to the exposure of sensitive information, posing a risk to the security of affected devices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2024-48455
Created by Rapid7

References

https://github.com/users/h00die-gr3y/projects/1/views/1

EPSS Score

63% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
2.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

JSON
.