CVE-2024-54764 Scanner
CVE-2024-54764 Scanner - Unauthorized Admin Access vulnerability in ipTIME A2004
Short Info
Level: Medium
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 15 days 6 hours
Scan only one: URL
Toolbox: -
ipTIME A2004 is a widely used networking device manufactured by ipTIME, primarily deployed for home and small office environments. This router provides Wi-Fi and Ethernet connectivity and is often used for internet access sharing. It includes a web-based management interface to allow users to configure network settings. The product is popular in the Asia-Pacific region, especially in South Korea, due to its affordability and ease of use. Administrators rely on its interface for controlling access points, firewall settings, and other critical configurations. The router is commonly updated through firmware patches released by the manufacturer.
This vulnerability affects the ipTIME A2004 router and allows unauthorized users to access sensitive device configuration details. The flaw exists due to improper access controls on the endpoint "/login/hostinfo2.cgi". Attackers can exploit this issue to retrieve system information without authentication. Unauthorized access to such configuration files can expose critical system details that may aid in further exploitation. The vulnerability is classified under CWE-284 (Improper Access Control), indicating a lack of sufficient authentication mechanisms. A successful attack could allow cybercriminals to gather system insights, potentially leading to privilege escalation or further attacks. This issue is particularly concerning as routers play a crucial role in network security and traffic routing.
The vulnerability exists in the "/login/hostinfo2.cgi" endpoint of the ipTIME A2004 router. An unauthenticated attacker can send a simple HTTP GET request to this endpoint and receive sensitive configuration details in the response. The response contains key system details, including product name and system type, which may assist attackers in reconnaissance. The flaw results from improper access control: the endpoint does not validate authentication before responding. Attackers can leverage this oversight to gain unauthorized insights into the network environment. An affected endpoint answers the unauthenticated request with a 200 status code and text data, which is the observable sign of the information exposure.
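An asset owner can confirm the behaviour described above on a router they administer, for example after a firmware update. The following is an added example, not code from this scanner or from ipTIME; the `text/plain` content-type test, the result labels and the function names are assumptions made for illustration.

```python
import sys
import urllib.error
import urllib.request

ENDPOINT = "/login/hostinfo2.cgi"  # path named on this page


class NoRedirect(urllib.request.HTTPRedirectHandler):
    """Report a 3xx as-is instead of following it to a login page."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def classify(status, content_type, body):
    """Map one unauthenticated response to a verdict string."""
    ctype = (content_type or "").split(";")[0].strip().lower()
    if status in (301, 302, 303, 307, 308, 401, 403):
        return "protected"      # auth challenge or redirect to login
    if status == 404:
        return "absent"         # endpoint not served by this device
    # Assumption: "text data" on the page is read as text/plain. A 200 with
    # text/html may be a login form, so it is not counted as exposure.
    if status == 200 and ctype == "text/plain" and body.strip():
        return "exposed"
    return "inconclusive"


def check_router(base_url, timeout=5.0):
    """Send one GET without cookies or credentials and classify the reply."""
    opener = urllib.request.build_opener(NoRedirect)
    url = base_url.rstrip("/") + ENDPOINT
    try:
        with opener.open(url, timeout=timeout) as resp:
            ctype = resp.headers.get("Content-Type")
            return classify(resp.status, ctype, resp.read(4096))
    except urllib.error.HTTPError as err:
        ctype = err.headers.get("Content-Type") if err.headers else None
        return classify(err.code, ctype, b"")
    except (urllib.error.URLError, OSError):
        return "inconclusive"   # unreachable or connection refused


if __name__ == "__main__":
    # Usage: python check_hostinfo.py http://<your-router-address>
    print(check_router(sys.argv[1]))
```
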
When exploited, this vulnerability can lead to information disclosure, allowing attackers to collect device-specific data. Malicious actors can use this information to craft targeted attacks against the router, potentially bypassing security defenses. If an attacker gains deeper insights into the system, they may attempt privilege escalation, firmware modifications, or unauthorized administrative access. In some cases, exposed details could aid in brute-force attacks on the router’s authentication mechanism. Additionally, attackers can leverage this vulnerability to identify weak configurations and exploit them further. This issue poses a risk to network security, as routers often act as the first line of defense against cyber threats.