CVE-2024-31152

The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application, where a series of crafted HTTP requests can cause a reboot. This could lead to network service interruptions.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1982	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:level1:wbr-6012_firmware:r0.40e6:*:*:*:*:*:*:*

cpe:2.3:h:level1:wbr-6012:-:*:*:*:*:*:*:*

History

13 Nov 2024, 18:15

Type	Values Removed	Values Added
CPE		cpe:2.3:h:level1:wbr-6012:-:::::::* cpe:2.3:o:level1:wbr-6012_firmware:r0.40e6:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~5.3~~	v2 : unknown v3 : 7.5
First Time		Level1 Level1 wbr-6012 Level1 wbr-6012 Firmware
CWE		CWE-770
References	~~() https://talosintelligence.com/vulnerability_reports/TALOS-2024-1982 -~~	() https://talosintelligence.com/vulnerability_reports/TALOS-2024-1982 - Exploit, Third Party Advisory

01 Nov 2024, 12:57

Type	Values Removed	Values Added
Summary		(es) El enrutador LevelOne WBR-6012 con firmware R0.40e6 es vulnerable a una asignación incorrecta de recursos dentro de su aplicación web, donde una serie de solicitudes HTTP manipulada pueden provocar un reinicio. Esto podría provocar interrupciones del servicio de red.

30 Oct 2024, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-30 14:15

Updated : 2024-11-13 18:15

NVD link : CVE-2024-31152

Mitre link : CVE-2024-31152

CVE.ORG link : CVE-2024-31152

JSON object : View

Products Affected

level1

wbr-6012
wbr-6012_firmware

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2024-31152", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2024-10-30T14:15:05.773", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1982", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}, {"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application, where a series of crafted HTTP requests can cause a reboot. This could lead to network service interruptions."}, {"lang": "es", "value": "El enrutador LevelOne WBR-6012 con firmware R0.40e6 es vulnerable a una asignaci\u00f3n incorrecta de recursos dentro de su aplicaci\u00f3n web, donde una serie de solicitudes HTTP manipulada pueden provocar un reinicio. Esto podr\u00eda provocar interrupciones del servicio de red."}], "lastModified": "2024-11-13T18:15:31.597", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:level1:wbr-6012_firmware:r0.40e6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCC94B2E-4651-4E98-90A1-CB53CC2E24CC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:level1:wbr-6012:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1FD255E3-0DBF-440C-AC6A-90B30DB59B34"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}