CVE-2024-57224
Published: 10 January 2025
Summary
CVE-2024-57224 is a critical-severity Command Injection (CWE-77) vulnerability in Linksys E7350 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 13.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly requires validation and sanitization of user inputs like the ifname parameter to prevent command injection in the apcli_do_enr_pin_wps function.
Mandates identification, reporting, and correction of the specific command injection flaw through firmware updates or patches.
Restricts or disables nonessential capabilities such as the vulnerable WPS enrollment function to eliminate exposure to exploitation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The command injection vulnerability in the router's apcli_do_enr_pin_wps function via the ifname parameter allows remote exploitation of a public-facing web application/service (T1190, T1210), enabling arbitrary command execution equivalent to network device CLI access (T1059.008).
NVD Description
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
Deeper analysisAI
CVE-2024-57224 is a command injection vulnerability (CWE-77) in the Linksys E7350 router running firmware version 1.1.00.032. The flaw resides in the apcli_do_enr_pin_wps function, where the ifname parameter fails to properly sanitize user input, allowing arbitrary command execution. The vulnerability has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its high impact on confidentiality, integrity, and availability.
Remote attackers can exploit this vulnerability over the network without authentication, privileges, or user interaction. By crafting malicious requests to the affected function, an attacker can inject and execute arbitrary operating system commands on the router, potentially leading to full device compromise, data theft, persistent access, or use as a pivot point in the network.
A detailed proof-of-concept and vulnerability analysis is available in the GitHub repository at https://github.com/yanggao017/vuln/blob/main/Linksys/E7350/CI_3_apcli_do_enr_pin_wps/README.md. No official patches or mitigation guidance from Linksys or other advisories were referenced in the available information.
Details
- CWE(s)