PT-2024-28154 · Delta Electronics · Delta Electronics DVW-W02W2-E2

Quentin Kaiser · Published 2024-04-16 · Updated 2025-12-05 · CVE-2024-3871

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Delta Electronics DVW-W02W2-E2 versions 2.5.2 and earlier

Description: The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users, which implements features affected by command injections and stack overflows. Successful exploitation of these flaws would allow remote attackers to gain remote code execution with elevated privileges on the affected devices. The interface's features, such as access control lists management and WPS pin setup, are vulnerable to these attacks.

Recommendations: For Delta Electronics DVW-W02W2-E2 versions 2.5.2 and earlier, consider disabling the web administration interface until a patch is available. Restrict access to the vulnerable features, such as access control lists management and WPS pin setup, to minimize the risk of exploitation. Avoid using the web administration interface for critical operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Command Injection

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2024-3871
ZDI-25-1026
ZDI-25-1037

Affected Products

Delta Electronics DVW-W02W2-E2