← back
CVE-2024-45880

CVE-2024-45880

CVSS 8 HIGHEPSS 0.9%CWE-78
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
08 Oct 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A command injection vulnerability exists in Motorola CX2L router v1.0.2 and below. The vulnerability is present in the SetStationSettings function. The system directly invokes the system function to execute commands for setting parameters such as MAC address without proper input filtering. This allows malicious users to inject and execute arbitrary commands.
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a