CVE-2024-54763 Scanner

ipTIME A2004 is a router developed by ipTIME and is widely used for home and small office networks. It provides internet access via both wired and wireless connections and supports various network configuration features. The device is commonly used in South Korea and other regions for its affordability and ease of setup. It includes a web-based management interface that allows administrators to configure and control network settings. Due to its widespread usage, security vulnerabilities in this device can impact a large number of users. The router is periodically updated by the manufacturer to address security and performance issues.

This vulnerability affects the ipTIME A2004 router and allows unauthorized users to access sensitive configuration data. The flaw exists due to improper access controls on the endpoint "/login/hostinfo.cgi". Attackers can exploit this vulnerability to obtain device information without authentication. Such unauthorized access can be used for further reconnaissance or to aid in attacks against the device. The vulnerability is classified under CWE-284 (Improper Access Control), indicating a failure in enforcing proper authentication mechanisms. A successful exploitation of this flaw may expose critical network information.

The vulnerability is located in the "/login/hostinfo.cgi" endpoint of the ipTIME A2004 router. By sending an unauthenticated HTTP GET request to this endpoint, an attacker can retrieve sensitive information about the device. The server responds with configuration details, including device identification and system parameters, in a plaintext format. This occurs due to the lack of authentication enforcement for this specific request. Attackers can leverage this weakness to gather intelligence on the device and potentially identify further vulnerabilities. Since the endpoint is publicly accessible, the risk of exposure is high.

If exploited, this vulnerability allows attackers to retrieve critical device information without authentication. The disclosed details could help attackers map out network environments and identify additional security weaknesses. Unauthorized access to system data can lead to further security breaches, including password guessing or device hijacking. This vulnerability may also be exploited in targeted attacks to compromise the device’s integrity. Additionally, exposure of internal configuration data may enable attackers to bypass security mechanisms or execute privilege escalation attacks. Users who rely on this router for secure connectivity may face increased cyber threats.

REFERENCES

• https://github.com/Shuanunio/CVE_Requests/blob/main/ipTIME/A2004/ipTIME_A2004_unauthorized_access_vulnerability_first.md
• https://nvd.nist.gov/vuln/detail/CVE-2024-54763