CVE-2024-54007

HighRCE

Published: 07 January 2025

Published

07 January 2025

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0054 67.6th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-54007 is a high-severity Command Injection (CWE-77) vulnerability in Hpe (inferred from references). Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 32.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Timely application of vendor patches directly remediates the command injection vulnerabilities in the web interface, preventing exploitation of CVE-2024-54007.

SI-10 Information Input Validation good match

prevent

Validating all web interface inputs against command injection attempts ensures malicious commands are rejected before execution.

AC-6 Least Privilege partial match

prevent

Enforcing least privilege restricts the scope of arbitrary commands executable via injection, even for authenticated administrators.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1059.004 Unix Shell Execution

Adversaries may abuse Unix shell commands and scripts for execution.

attack.mitre.org →

Why these techniques?

Command injection in web interface enables remote OS command execution (T1190) via Unix shell (T1059.004) as privileged user.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as…

a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system.

Deeper analysisAI

CVE-2024-54007 is a set of multiple command injection vulnerabilities (CWE-77) in the web interface of the 501 Wireless Client Bridge. These flaws allow authenticated remote command execution, enabling attackers to run arbitrary commands as a privileged user on the underlying operating system. The vulnerability carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for complete system compromise.

Exploitation requires an attacker to possess administrative authentication credentials on the affected host (PR:H), making it targeted at insiders or those who have already obtained valid admin access via other means. Once authenticated over the network (AV:N), an attacker can inject malicious commands through the web interface with low complexity (AC:L) and no user interaction (UI:N). Successful exploitation grants high-impact confidentiality, integrity, and availability effects, potentially allowing full control over the device.

For mitigation details, refer to the HPE security bulletin at https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04763en_us&docLocale=en_US, which provides guidance on patches and remediation for the 501 Wireless Client Bridge.