Remote Information Disclosure on Netis Wifi Routers
CVE-2024-48455

Currently unrated

Key Information:

Vendor: Netis
Status: Wifi Routers
Vendor: CVE Published:; 6 January 2025

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 52%

What is CVE-2024-48455?

A vulnerability has been identified in select Netis Wifi routers that allows a remote attacker to exploit specific parameters within the skk_get.cgi component. This exploitation could potentially lead to the exposure of sensitive information, posing a risk to the security of affected devices.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2024-48455
Created by Rapid7

References

https://github.com/users/h00die-gr3y/projects/1/views/1

EPSS Score

52% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 6, 2025
🟡
Public PoC available
Dec 27, 2024
👾
Exploit known to exist
Dec 27, 2024