Vulnerability Description
Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings and configurations. Attackers can exploit this vulnerability to escalate privileges and gain unauthorized access to administrative functionalities.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Akuvox | S539 Firmware | 912.30.1.137 |
| Akuvox | S539 | - |
| Akuvox | S532 Firmware | 912.30.1.137 |
| Akuvox | S532 | - |
| Akuvox | X916 Firmware | 912.30.1.137 |
| Akuvox | X916 | - |
| Akuvox | X915 Firmware | 912.30.1.137 |
| Akuvox | X915 | - |
| Akuvox | X912 Firmware | 912.30.1.137 |
| Akuvox | X912 | - |
| Akuvox | R29 Firmware | 912.30.1.137 |
| Akuvox | R29 | - |
| Akuvox | E16C Firmware | 912.30.1.137 |
| Akuvox | E16C | - |
| Akuvox | R20K-2 Firmware | 912.30.1.137 |
| Akuvox | R20K-2 | - |
| Akuvox | R20A-2 Firmware | 912.30.1.137 |
| Akuvox | R20A-2 | - |
| Akuvox | C313W-2 Firmware | 912.30.1.137 |
| Akuvox | C313W-2 | - |
Related Weaknesses (CWE)
References
- https://cxsecurity.com/issue/WLB-2024110042Third Party Advisory
- https://packetstormsecurity.com/files/182870/Broken Link
- https://www.vulncheck.com/advisories/akuvox-smart-intercom-s-improper-access-conThird Party Advisory
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5862.phpThird Party Advisory
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5862.phpThird Party Advisory
FAQ
What is CVE-2024-58337?
CVE-2024-58337 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings and configurations. Attackers can exploit this vulne...
How severe is CVE-2024-58337?
CVE-2024-58337 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-58337?
Check the references section above for vendor advisories and patch information. Affected products include: Akuvox S539 Firmware, Akuvox S539, Akuvox S532 Firmware, Akuvox S532, Akuvox X916 Firmware.