CVE-2024-48457

Name of the Vulnerable Software and Affected Versions: Netis Wifi6 Router NX10 versions 2.0.1.3582 through 2.0.1.3643 Netis Wifi 11AC Router NC65 version 3.0.0.3749 Netis Wifi 11AC Router NC63 versions 3.0.0.3327 through 3.0.0.3503 Netis Wifi 11AC Router NC21 versions 3.0.0.3329 through 3.0.0.3800 Netis Wifi Router MW5360 versions 1.0.1.3031 through 1.0.1.3442

Description: The issue allows a remote attacker to obtain sensitive information via the endpoint "/cgi-bin/skk set.cgi" and binary "/bin/scripts/start wifi.sh". It is also related to a buffer overflow vulnerability in the web interface management of Netis Wi-Fi routers, which can be exploited by sending specially crafted POST requests to reset the current password and set a new one.

Recommendations: For Netis Wifi6 Router NX10 versions 2.0.1.3582 through 2.0.1.3643, restrict access to the "/cgi-bin/skk set.cgi" endpoint until a patch is available. For Netis Wifi 11AC Router NC65 version 3.0.0.3749, avoid using the binary "/bin/scripts/start wifi.sh" until the issue is resolved. For Netis Wifi 11AC Router NC63 versions 3.0.0.3327 through 3.0.0.3503, consider disabling the web interface management until a fix is provided. For Netis Wifi 11AC Router NC21 versions 3.0.0.3329 through 3.0.0.3800, restrict access to the vulnerable endpoint and binary to minimize the risk of exploitation. For Netis Wifi Router MW5360 versions 1.0.1.3031 through 1.0.1.3442, as a temporary workaround, consider disabling the web interface management until a patch is available.