PT-2024-19490 · Digisol · Digisol Router
Ganesh Bakare
+2
·
Published
2024-05-10
·
Updated
2024-07-03
·
CVE-2024-2257
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Digisol Router (DG-GR1321) version v3.2.02
Description
This issue is caused by the improper implementation of password policies. An attacker with physical access could exploit this by creating passwords that do not adhere to the defined security standards or policy on the vulnerable system. Successful exploitation could allow the attacker to expose the router to potential security threats.
Recommendations
For Digisol Router (DG-GR1321) version v3.2.02, consider changing the password policy to enforce stronger passwords and adhere to defined security standards to minimize the risk of exploitation. As a temporary workaround, restrict physical access to the router until a patch or fix is available.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Digisol Router