Vulnerability Details CVE-2024-3659
Firmware in KAON AR2140 routers, prior to versions 3.2.50 and 4.2.16, is vulnerable to a shell command injection via sending a crafted request to one of the endpoints.
In order to exploit this vulnerability, one has to have access to the administrative portal of the router.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 63.2%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2024-3659
-
cpe:2.3:h:kaongroup:ar2140:-
-
cpe:2.3:o:kaongroup:ar2140_firmware:*