CVE-2024-23625

Critical

Published: 26 January 2024

Modified: 21 November 2024
KEV Added
Patch
CVSS Score v3.1: 9.6 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.1001 (93.2nd percentile)
Risk Priority: 25 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-23625 is a critical-severity command injection (CWE-77) vulnerability in D-Link DAP-1650 firmware. Its CVSS base score is 9.6 (Critical).

Operationally, it ranks in the top 6.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. The flaw, tracked as CVE-2024-23625 and assigned CWE-77, allows unauthenticated remote attackers to inject and execute arbitrary commands. It carries a CVSS 3.1 score of 9.6 with an attack vector of adjacent network, low complexity, and no required privileges or user interaction, resulting in complete confidentiality, integrity, and availability impact with scope change.

An attacker positioned on the same network segment as an affected DAP-1650 device can send a crafted UPnP SUBSCRIBE message that triggers the injection. Successful exploitation grants command execution on the device with root privileges, enabling full control over the router's configuration, traffic, and connected clients.

The EPSS score for this CVE has remained flat at 0.1001 since disclosure, indicating no material increase in observed exploitation interest.

Vulnerability details

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.

CWE(s)

CWE-77 (Command Injection)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: dlink
Product: dap-1650 firmware
Versions: all versions

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
