Cyber Resilience

CVE-2024-39228

Critical · Public PoC · RCE

Published: 06 August 2024

Modified: 15 August 2024
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0019 (41.0th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-39228 is a critical-severity OS Command Injection (CWE-78) vulnerability in GL-iNet MT6000 firmware. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Unix Shell (T1059.004). The CVE ranks at the 41.0th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

Vulnerability details

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config and check_config.

CWE(s)

CWE-78 (OS Command Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1059.004 Unix Shell (tactic: Execution)
Adversaries may abuse Unix shell commands and scripts for execution.

T1210 Exploitation of Remote Services (tactic: Lateral Movement)
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

Shell injection vulnerability in OVPN interface functions allows arbitrary Unix shell command execution remotely, enabling T1059.004 (Unix Shell) and T1210 (Exploitation of Remote Services).

Affected Assets

Vendor · Product · Version
gl-inet · mt6000 firmware · 4.5.8
gl-inet · a1300 firmware · 4.5.16
gl-inet · x300b firmware · 4.5.16
gl-inet · ax1800 firmware · 4.5.16
gl-inet · axt1800 firmware · 4.5.16
gl-inet · mt2500 firmware · 4.5.16
gl-inet · mt3000 firmware · 4.5.16
gl-inet · x3000 firmware · 4.4.8
gl-inet · xe3000 firmware · 4.4.8
gl-inet · xe300 firmware · 4.3.16
+18 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-78

Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.

addresses: CWE-78

Validates inputs to block special elements that would alter OS command execution.