24F2Xg Router Firmware
CVE-2018-15350
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attackers to get privileged access to the router.
AnalysisAI
Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attackers to get privileged access to the router. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-1188. Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attackers to get privileged access to the router. Affected products include: Kraftway 24F2Xg Router Firmware. Version information: version 3.5.30.1118.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in 24F2Xg Router Firmware
View allA Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG
A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in Kraftway 24F2XG Rout
An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118. Rate
Denial of service via crafting malicious link and sending it to a privileged user can cause Denial of Service in Kraftwa
Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118. Rated medi
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today