PT-2024-27703 · Xiaomi · Redmi Router Rb03

Ke Xu +4 · Published 2024-06-17 · Updated 2024-11-22 · CVE-2024-37664

CVSS v3.1: 5.2 (Medium)

Vector: AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Redmi router RB03 version 1.0.57

Description: The issue allows an attacker in the same WLAN as the victim to disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router. This can lead to TCP DoS or hijacking attacks.

Recommendations: For Redmi router RB03 version 1.0.57, consider restricting access to the WLAN network to minimize the risk of exploitation until a patch is available. As a temporary workaround, implement additional security measures to monitor and filter out forged TCP RST messages.

Related Identifiers

CVE-2024-37664

Affected Products

Redmi Router Rb03