TP-Link Omada ER605 reliance on security through obscurity
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 4.9 | $0-$5k | 0.00 |
Summary
A vulnerability labeled as problematic has been found in TP-Link Omada ER605. The affected element is an unknown function. The manipulation results in Remote Code Execution. This vulnerability is reported as CVE-2024-5244. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.
Details
A vulnerability, which was classified as problematic, was found in TP-Link Omada ER605 (the affected version unknown). Affected is an unknown part. The manipulation with an unknown input leads to a remote code execution vulnerability. CWE is classifying the issue as CWE-656. The product uses a protection mechanism whose strength depends heavily on its obscurity, such that knowledge of its algorithms or key data is sufficient to defeat the mechanism. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:
TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability. This vulnerability allows network-adjacent attackers to access or spoof DDNS messages on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the cmxddnsd executable. The issue results from reliance on obscurity to secure network data. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-22439.
The advisory is shared for download at zerodayinitiative.com. This vulnerability is traded as CVE-2024-5244 since 05/22/2024. The exploitability is told to be difficult. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. There are neither technical details nor an exploit publicly available.
Upgrading eliminates this vulnerability.
Once again VulDB remains the best source for vulnerability data.
Product
Vendor
Name
License
Website
- Vendor: https://www.tp-link.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 4.9VulDB Meta Temp Score: 4.9
VulDB Base Score: 5.6
VulDB Temp Score: 5.4
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 4.2
NVD Vector: 🔍
CNA Base Score: 5.0
CNA Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Reliance on security through obscurityCWE: CWE-656
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Timeline
05/22/2024 🔍05/23/2024 🔍
05/23/2024 🔍
08/06/2025 🔍
Sources
Vendor: tp-link.comAdvisory: zerodayinitiative.com
Status: Confirmed
CVE: CVE-2024-5244 (🔍)
GCVE (CVE): GCVE-0-2024-5244
GCVE (VulDB): GCVE-100-266052
Entry
Created: 05/23/2024 17:24Updated: 08/06/2025 16:40
Changes: 05/23/2024 17:24 (48), 08/06/2025 16:40 (23)
Complete: 🔍
Cache ID: 216::103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.