Attack information

Tag
CVE-2024-4584
Date
2024-10-24
Client IP
198.98.54.234
Client GEO
United States
Vendor
Faraday 
Product
GM8181 and GM828x models up to version 20240429 
RAW request
GET /command_port.ini HTTP/1.0
Host: ████████████
X-Forwarded-For: █████████████
Connection: close

Description

CVE-2024-4584 is an information disclosure vulnerability affecting Faraday GM8181 and GM828x models up to version 20240429. The vulnerability resides in the /command_port.ini file, which, when manipulated, can lead to unauthorized access to sensitive system information. It can be exploited remotely without authentication, and exploits are publicly available, so malicious actors can easily use them against affected systems. The vulnerability has been assigned a CVSS v3.1 base score of 7.5, reflecting its high severity and the potential impact on confidentiality. The vendor has not responded to disclosure attempts, which leaves users of these devices exposed. Users are advised to implement mitigation strategies promptly to protect sensitive data from unauthorized access.

Mitigations
  1. Update Firmware: Check for any available firmware updates from Faraday and apply them immediately to patch the vulnerability.
  2. Restrict Access: Limit network access to the affected devices to trusted users only, using firewalls or network segmentation.
  3. Monitor Network Traffic: Implement network monitoring to detect any unusual activity that may indicate exploitation attempts.
  4. Disable Unnecessary Services: Review and disable any unnecessary services or ports on the affected devices to reduce the attack surface.
  5. Vendor Communication: Continue to reach out to Faraday for any official patches or guidance regarding this vulnerability.