Vulnerability Details CVE-2024-3659
Firmware in KAON AR2140 routers prior to version 4.2.16 is vulnerable to a shell command injection via sending a crafted request to one of the endpoints.
In order to exploit this vulnerability, one has to have access to the administrative portal of the router.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.2%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2024-3659
-
cpe:2.3:h:kaongroup:ar2140:-
-
cpe:2.3:o:kaongroup:ar2140_firmware:*