CVE-2024-48455
Published: 06 January 2025
Summary
CVE-2024-48455 is a low-severity an unspecified weakness vulnerability. Its CVSS base score is 2.7 (Low).
Operationally, exploitation aligns with the MITRE ATT&CK technique System Network Configuration Discovery (T1016); ranked in the top 1.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AU-13 (Monitoring for Information Disclosure).
Deeper analysis
CVE-2024-48455 is an information disclosure vulnerability affecting multiple Netis router models and firmware versions, specifically the Wifi6 Router NX10 (2.0.1.3643 and 2.0.1.3582), Wifi 11AC Router NC65 (3.0.0.3749), NC63 (3.0.0.3327 and 3.0.0.3503), NC21 (3.0.0.3800, 3.0.0.3500 and 3.0.0.3329), and Wifi Router MW5360 (1.0.1.3442 and 1.0.1.3031). The issue exists in the skk_get.cgi component and can be triggered via the mode_name and wl_link parameters, resulting in exposure of limited sensitive information.
An authenticated remote attacker with administrative privileges can exploit the flaw over the network to retrieve sensitive data from the device. The CVSS 3.1 score of 2.7 (AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N) reflects the high-privilege requirement and the narrow scope of impact limited to confidentiality.
No vendor advisories, patches, or mitigation guidance are referenced in the available sources. The EPSS score is stable at 0.6870 with no material rise indicated, and the listed references consist of GitHub project views associated with researcher h00die-gr3y.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-43210
Vulnerability details
An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router…
more
MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the mode_name, wl_link parameters of the skk_get.cgi component.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Post-auth info disclosure via router CGI parameters directly enables network/system config and device data discovery (T1016/T1082/T1602).
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SI-2 requires timely identification, reporting, and correction of flaws like the information disclosure vulnerability in the skk_get.cgi component.
AC-3 enforces approved authorizations for logical access, preventing privileged remote attackers from obtaining sensitive information via mode_name and wl_link parameters.
AU-13 specifically monitors the system for unauthorized disclosure of information, such as the sensitive data leak enabled by this CVE.