Vulnerability Details CVE-2024-3659
Firmware in KAON AR2140 routers, prior to versions 3.2.50 and 4.2.16, is vulnerable to a shell command injection via sending a crafted request to one of the endpoints.
In order to exploit this vulnerability, one has to have access to the administrative portal of the router.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.9%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2024-3659
-
cpe:2.3:h:kaongroup:ar2140:-
-
cpe:2.3:o:kaongroup:ar2140_firmware:*