Thursday, January 16, 2025
HomeCVE/vulnerabilityI-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks

I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks

Published on

SIEM as a Service

Follow Us on Google News

I-O DATA DEVICE, INC. has announced that several critical vulnerabilities in their UD-LT1 and UD-LT1/EX routers are being actively exploited.

These vulnerabilities pose significant risks to users, necessitating urgent attention and action. Below is a detailed look at each vulnerability, its potential impact, and the solutions provided.

CVE-2024-45841: Incorrect Permission Assignment for Critical Resource

This vulnerability, rated with a CVSS score of 6.5, involves incorrect permission assignments that allow attackers with guest-level access to retrieve files containing sensitive credential information.

Such exposure can lead to further unauthorized access and exploitation of the network.

Free Webinar on Best Practices for API vulnerability & Penetration Testing:  Free Registration

CVE-2024-47133: OS Command Injection

With a CVSS score of 7.2, this vulnerability permits a logged-in user with administrative permissions to execute arbitrary operating system commands on the device.

The exploitation of this vulnerability can severely compromise the integrity of the affected router, potentially allowing attackers to manipulate system settings or access sensitive data.

CVE-2024-52564: Inclusion of Undocumented Features

This vulnerability, scoring 7.5 on the CVSS scale, allows remote attackers to disable firewall protections, execute arbitrary commands, and alter device configurations without the need for authentication.

The presence of undocumented features makes this vulnerability particularly dangerous, as it can lead to extensive unauthorized control over the router.

According to the JVN report, exploiting these vulnerabilities can lead to serious repercussions for users, including unauthorized access, data theft, and loss of device control.

The potential for attackers to execute arbitrary commands and alter firewall settings elevates the risk of significant network breaches.

I-O DATA DEVICE, INC. advises users to update their device firmware to address these vulnerabilities.

Updates for CVE-2024-45841 and CVE-2024-47133 are scheduled for release by December 18, 2024. Meanwhile, patches for CVE-2024-52564 are already available with firmware version 2.1.9 for both UD-LT1 and UD-LT1/EX models.

Until firmware updates are applied, users should modify device settings based on the developer’s guidance to mitigate the risks associated with these vulnerabilities.

I-O DATA DEVICE, INC. has acknowledged the vulnerabilities and is actively working to provide effective solutions. Users can access further details and updates through the company’s official website.

The vulnerabilities were identified by Takeshi Kuramori, Kaori Takashima, and Kohei Masumi at the National Institute of Information and Communications Technology, along with Chuya Hayakawa and Ryo Kamino from 00One, Inc.

JPCERT/CC played a crucial role in coordinating the response to these vulnerabilities. For more technical insights, users are encouraged to consult JPCERT/CC’s analysis and recommendations.

Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Hackers Exploiting California Wildfire Sparks to Launching Phishing Attacks

As California grapples with devastating wildfires, communities are rallying to protect lives and property....

AIRASHI Botnet Exploiting 0-Day Vulnerabilities In Large Scale DDoS Attacks

AISURU botnet launched a DDoS attack targeting Black Myth: Wukong distribution platforms in August...

New Botnet Exploiting DNS Records Misconfiguration To Deliver Malware

Botnets are the networks of compromised devices that have evolved significantly since the internet's...

FTC Slams GoDaddy For Not Implement Standard Security Practices Following Major Breaches

The Federal Trade Commission (FTC) has announced that it will require GoDaddy Inc. to...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Hackers Exploiting California Wildfire Sparks to Launching Phishing Attacks

As California grapples with devastating wildfires, communities are rallying to protect lives and property....

AIRASHI Botnet Exploiting 0-Day Vulnerabilities In Large Scale DDoS Attacks

AISURU botnet launched a DDoS attack targeting Black Myth: Wukong distribution platforms in August...

New Botnet Exploiting DNS Records Misconfiguration To Deliver Malware

Botnets are the networks of compromised devices that have evolved significantly since the internet's...