CVE-2024-33439 — CRITICAL (9.1)

Vulnerability Description

An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker to execute arbitrary OS commands via cgi parameters.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Related Weaknesses (CWE)

CWE-77

References

https://gist.github.com/QuartzDust/848acfddff02c881eb86dd302e859e80

FAQ

What is CVE-2024-33439?

CVE-2024-33439 is a vulnerability with a CVSS score of 9.1 (CRITICAL). An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker to execute arbitrary OS commands via cgi parameters.

How severe is CVE-2024-33439?

CVE-2024-33439 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2024-33439?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.