CVE-2024-57174

Name of the Vulnerable Software and Affected Versions Alphion ASEE-1443 Firmware version 0.4.H.00.02.15

Description A misconfiguration in the firmware defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the unclaimed domain and point its wildcard DNS entry to an attacker-controlled IP address, making it possible to access sensitive information.

Recommendations For Alphion ASEE-1443 Firmware version 0.4.H.00.02.15, consider reconfiguring the DNS settings to avoid using an unregistered domain name as the default DNS suffix until a patch is available. As a temporary workaround, restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.