CVE-2024-48455 in Wifi6 Router NX10info

Summary

by MITRE • 01/07/2025

An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the mode_name, wl_link parameters of the skk_get.cgi component.

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 01/08/2025

The vulnerability identified as CVE-2024-48455 represents a critical information disclosure flaw affecting multiple Netis wireless router models including the NX10 Wifi6 routers and various NC65, NC63, NC21, and MW5360 11AC models. This security weakness resides within the skk_get.cgi component of the affected firmware versions, specifically exposing sensitive system information through improperly validated parameters. The flaw manifests when remote attackers can manipulate the mode_name and wl_link parameters to retrieve confidential data from the affected devices, potentially compromising the entire network infrastructure.

This vulnerability maps directly to CWE-200, which defines information exposure as a weakness where systems inadvertently disclose sensitive information to unauthorized parties. The technical implementation flaw occurs in the parameter validation mechanism of the skk_get.cgi script, which fails to properly sanitize or authenticate inputs before processing them. When attackers submit crafted requests containing the mode_name and wl_link parameters, the system processes these inputs without adequate access controls or data filtering, resulting in the exposure of system configuration details, network parameters, and potentially device-specific identifiers that could be leveraged for further exploitation.

The operational impact of this vulnerability extends beyond simple information disclosure, creating significant risks for network security and integrity. Remote attackers can exploit this weakness to gather detailed information about the router's operational mode, wireless link status, and potentially other system parameters that may reveal network topology, device configurations, or security settings. This intelligence gathering capability enables attackers to develop more sophisticated attack strategies, including targeted exploitation of other vulnerabilities, social engineering campaigns, or advanced persistent threat operations. The exposure of wireless network parameters could also facilitate man-in-the-middle attacks or unauthorized access to the local network.

Mitigation strategies for CVE-2024-48455 should prioritize immediate firmware updates from Netis, as these devices are affected by a known vulnerability that requires vendor-provided patches. Network administrators should implement network segmentation to limit access to affected devices, deploy intrusion detection systems to monitor for exploitation attempts, and consider disabling unnecessary services or web interfaces on these routers. Additionally, implementing network access controls through firewalls and access control lists can help prevent unauthorized remote access to the affected components. The ATT&CK framework categorizes this vulnerability under T1212, which involves exploitation of information disclosure vulnerabilities, making it critical to address through both preventive measures and active monitoring of network traffic for exploitation patterns. Organizations should also conduct thorough vulnerability assessments to identify other potentially affected devices and implement comprehensive network security monitoring to detect any exploitation attempts.

Responsible

MITRE

Reservation

10/08/2024

Disclosure

01/07/2025

Moderation

accepted

CPE

ready

EPSS

0.06356

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!