CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description (NVD)
An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device.
Analysis (AI)
CVE-2024-51983 is an unauthenticated denial-of-service vulnerability in Web Services (HTTP port 80) that allows remote attackers to crash affected devices via malformed WS-Scan SOAP requests with unexpected JobToken values, forcing repeated reboots. The vulnerability affects multiple device types with Web Services capabilities and carries a CVSS 7.5 (High) rating with no authentication required and network-accessible attack vector, making it easily exploitable at scale.
Technical Context (AI)
The vulnerability exists in the Web Services SOAP implementation handling WS-Scan operations, specifically in JobToken parameter validation (CWE-1286: Improper Validation of Unsafe Equivalence in Input). The root cause is insufficient input validation on the JobToken field within SOAP requests to the Web Services feature listening on HTTP TCP port 80. When a WS-Scan SOAP request contains an unexpected or malformed JobToken value, the service fails to properly validate or sanitize this input before processing, leading to an unhandled exception that crashes the device. The affected products implement SOAP-based Web Services for scanning operations, commonly found in multifunction printers, network appliances, and similar devices. The lack of input bounds checking and type validation allows any network-accessible attacker to trigger this crash condition repeatedly without authentication.
Remediation (AI)
Immediate remediation steps:
(1) Check vendor security advisories (manufacturer website security bulletins) for patched firmware versions;
(2) If patches are available, schedule firmware updates on affected devices;
(3) As interim mitigation, restrict network access to HTTP port 80 (Web Services) at the firewall/network boundary to only authorized administrative networks using IP allowlisting;
(4) Disable Web Services feature if not actively required for operations;
(5) Monitor for suspicious SOAP WS-Scan requests in Web Services logs;
(6) Deploy intrusion detection rules to block malformed WS-Scan requests with unexpected JobToken values.
Vendor patches should address input validation of JobToken parameters within SOAP request handlers and implement exception handling to prevent device crashes. Organizations unable to patch immediately should combine network segmentation with monitoring until fixes are available.
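One way to act on remediation steps (3) and (5), added here as an example and not vendor or vuln.today code: it reads captured Web Services requests, extracts any JobToken, and alerts on sources outside an allowlist, on repeated JobToken requests from one source, and on bodies that do not parse. The management subnet, the capture format of (source IP, SOAP body) pairs, the burst threshold and the sample envelopes are assumptions.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Assumption: management subnets allowed to reach the device's Web Services port.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]

def job_token(body):
    """Return the JobToken text in a SOAP body (None if absent); ValueError if unparseable."""
    if "<!DOCTYPE" in body or "<!ENTITY" in body:
        raise ValueError("DTD in SOAP body")  # refuse to parse: entity expansion risk
    try:
        root = ET.fromstring(body)
    except ET.ParseError as exc:
        raise ValueError(f"malformed XML: {exc}") from exc
    for elem in root.iter():
        if elem.tag.rsplit("}", 1)[-1] == "JobToken":  # match regardless of namespace
            return elem.text or ""
    return None

def triage(requests, burst=3):
    """requests: (source_ip, soap_body) pairs. Returns a list of (source_ip, reason) alerts."""
    alerts, seen = [], {}
    for src, body in requests:
        try:
            token = job_token(body)
        except ValueError as exc:
            alerts.append((src, str(exc)))
            continue
        if token is None:
            continue  # request carries no JobToken
        if not any(ipaddress.ip_address(src) in net for net in ALLOWED_NETS):
            alerts.append((src, "JobToken request from outside allowlist"))
        seen[src] = seen.get(src, 0) + 1
        if seen[src] == burst:  # repeats fit the reissue-after-reboot pattern
            alerts.append((src, f"{burst} JobToken requests from one source"))
    return alerts

def _soap(token):  # constructed envelope; names other than JobToken are placeholders
    return ('<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" '
            'xmlns:x="urn:example:scan"><s:Body><x:Request>'
            f'<x:JobToken>{token}</x:JobToken></x:Request></s:Body></s:Envelope>')

# Constructed capture: one allowlisted client, one outside source, one broken body.
SAMPLE = [("10.20.0.15", _soap("t-0001")), ("192.0.2.77", _soap("t-0002")),
          ("192.0.2.77", _soap("t-0003")), ("192.0.2.77", _soap("t-0004")),
          ("192.0.2.80", "<s:Envelope><s:Body>")]

if __name__ == "__main__":
    for alert in triage(SAMPLE):
        print(alert)
```

Correlating these alerts with device uptime resets or reboot events would tie a flagged source to the reboot behaviour the description reports.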
EUVD-2024-54998