Cyber Resilience

CVE-2024-54007

HighRCE

Published: 07 January 2025

Published
07 January 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0063 70.7th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-54007 is a high-severity Command Injection (CWE-77) vulnerability in Hpe (inferred from references). Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 29.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-54007 is a set of multiple command injection vulnerabilities (CWE-77) in the web interface of the 501 Wireless Client Bridge. These flaws allow authenticated remote command execution, enabling attackers to run arbitrary commands as a privileged user on the underlying operating system. The vulnerability carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for complete system compromise.

Exploitation requires an attacker to possess administrative authentication credentials on the affected host (PR:H), making it targeted at insiders or those who have already obtained valid admin access via other means. Once authenticated over the network (AV:N), an attacker can inject malicious commands through the web interface with low complexity (AC:L) and no user interaction (UI:N). Successful exploitation grants high-impact confidentiality, integrity, and availability effects, potentially allowing full control over the device.

For mitigation details, refer to the HPE security bulletin at https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04763en_us&docLocale=en_US, which provides guidance on patches and remediation for the 501 Wireless Client Bridge.

EU & UK References

Vulnerability details

Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as…

more

a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.004 Unix Shell Execution
Adversaries may abuse Unix shell commands and scripts for execution.
Why these techniques?

Command injection in web interface enables remote OS command execution (T1190) via Unix shell (T1059.004) as privileged user.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-4048Shared CWE-77
CVE-2026-31059Shared CWE-77
CVE-2026-22284Shared CWE-77
CVE-2024-39783Shared CWE-77
CVE-2024-57583Shared CWE-77
CVE-2026-46368Shared CWE-77
CVE-2024-39781Shared CWE-77
CVE-2024-39367Shared CWE-77
CVE-2026-3518Shared CWE-77
CVE-2024-57590Shared CWE-77

Affected Assets

Hpe
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Timely application of vendor patches directly remediates the command injection vulnerabilities in the web interface, preventing exploitation of CVE-2024-54007.

prevent

Validating all web interface inputs against command injection attempts ensures malicious commands are rejected before execution.

prevent

Enforcing least privilege restricts the scope of arbitrary commands executable via injection, even for authenticated administrators.

References