CVE-2024-57174
CVE-2024-57174
Título es
CVE-2024-57174
Mié, 05/03/2025 – 21:15
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-57174
Descripción en
A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the unclaimed domain and point its wildcard DNS entry to an attacker-controlled IP address, making it possible to access sensitive information.
05/03/2025
05/03/2025
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis
Referencias
https://chenzw.medium.com/internal-domain-names-f1cd2886c654
https://github.com/geo-chen/BSides-SG-2022—Internal-Domain-Names?tab=readme-ov-file#finding-1—cve-2024-57174-alphion-routers
Enviar en el boletín
Off
