Kaon · Kaon Ar2140 · CVE-2024-3659
**Name of the Vulnerable Software and Affected Versions**
KAON AR2140 routers, versions prior to 4.2.16
**Description**
The router is affected by a shell command injection vulnerability. It can be exploited by sending a crafted request to one of the endpoints, but exploitation requires access to the router's administrative portal.
**Recommendations**
For versions prior to 4.2.16, update to version 4.2.16 or later to resolve the issue. As a temporary workaround, consider restricting access to the administrative portal to minimize the risk of exploitation.