CVE-2024-5035
May 27, 2024, 8:15 a.m.
Tags
Product(s) Impacted
Archer C4500X
- through 1_1.1.6
Description
The affected device expose a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. By successfully exploiting this flaw, remote unauthenticated attacker can gain arbitrary command execution on the device with elevated privileges.This issue affects Archer C4500X: through 1_1.1.6.
Weaknesses
Date
Published: May 27, 2024, 8:15 a.m.
Last Modified: May 27, 2024, 8:15 a.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
research@onekey.com