exploitDog

CVE-2024-37664

Опубликовано: 17 июн. 2024

Источник: nvd

CVSS3: 5.2

EPSS Низкий

Описание

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router.

Ссылки

https://github.com/ouuan/router-vuln-report/blob/master/nat-rst/redmi-rb03-nat-rst.md
Exploit
Third Party Advisory
https://github.com/ouuan/router-vuln-report/blob/master/nat-rst/redmi-rb03-nat-rst.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:mi:redmi_ax6s_firmware:1.0.57:*:*:*:*:*:*:*

cpe:2.3:h:mi:redmi_ax6s:-:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.0005

Низкий

5.2 Medium

CVSS3

Дефекты

CWE-940

Связанные уязвимости

GHSA-hc77-8v8p-w9rp

github

больше 1 года назад

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router.

EPSS

Процентиль: 16%

0.0005

Низкий

5.2 Medium

CVSS3

Дефекты

CWE-940