Cyber Resilience

CVE-2024-48457

High

Published: 06 January 2025

Published
06 January 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.6705 98.6th percentile
Risk Priority 55 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-48457 is a high-severity Out-of-bounds Read (CWE-125) vulnerability. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 1.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SC-7 (Boundary Protection).

Deeper analysis

Netis Wifi6 Router NX10 versions 2.0.1.3643 and 2.0.1.3582, along with multiple Netis Wifi 11AC Router models including NC65 3.0.0.3749, NC63 3.0.0.3327 and 3.0.0.3503, NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329, and MW5360 versions 1.0.1.3442 and 1.0.1.3031, contain an out-of-bounds read vulnerability tracked as CVE-2024-48457. The flaw resides in the /cgi-bin/skk_set.cgi endpoint and the /bin/scripts/start_wifi.sh binary, enabling unauthenticated remote access to sensitive device information and carrying a CVSS 3.1 score of 7.5.

An attacker with network access can directly target the exposed CGI endpoint to trigger the out-of-bounds read and retrieve confidential configuration or runtime data without authentication or user interaction. Successful exploitation yields high confidentiality impact while leaving integrity and availability unaffected.

The associated EPSS score has reached 0.6705, indicating substantial exploitation interest following disclosure. No vendor advisories or patches are referenced in the available sources.

EU & UK References

Vulnerability details

An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router…

more

MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the endpoint /cgi-bin/skk_set.cgi and binary /bin/scripts/start_wifi.sh

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Why these techniques?

Direct remote exploitation of public router web/CGI endpoints (T1190) resulting in unauthorized disclosure of device-stored sensitive data/credentials (T1005).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-35532Shared CWE-125
CVE-2026-25181Shared CWE-125
CVE-2025-30347Shared CWE-125
CVE-2026-33669Shared CWE-125
CVE-2025-55100Shared CWE-125
CVE-2025-20916Shared CWE-125
CVE-2025-20918Shared CWE-125
CVE-2025-54950Shared CWE-125
CVE-2026-22855Shared CWE-125
CVE-2024-53834Shared CWE-125

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the out-of-bounds read vulnerability in affected Netis router firmware versions, preventing remote attackers from disclosing sensitive information.

prevent

Enforces boundary protections like firewall rules or network segmentation to block unauthenticated remote access to vulnerable endpoints /cgi-bin/skk_set.cgi and /bin/scripts/start_wifi.sh.

prevent

Validates inputs to the affected CGI endpoints and scripts to prevent crafted requests from triggering the out-of-bounds read and subsequent information disclosure.

References