Malicious actors could leverage three vulnerabilities affecting numerous Netis Wi-Fi and 4G home routers to execute sensitive data compromise, authentication evasion, and remote code execution, according to SC Media.
Targeted Netis routers could have their admin passwords reset through the exploitation of CVE-2024-48457, with compromised admin access then enabling the abuse of the RCE vulnerability, tracked as CVE-2024-48456, according to researcher h00die-gr3y, who discovered the flaws and published them on GitHub.
Attackers could also leverage CVE-2024-48455 to deliver POST request allowing the retrieval of router-stored data for succeeding intrusions, said h00die-gr3y, who noted that the vulnerabilities are yet to be addressed by Netis.
This development comes after the exploitation of vulnerable Netis, Zyxel, and D-Link routers in a Mirai-based botnet attack in October 2023. Backdoor attacks allowing remote targeting of internet-exposed Netis devices have also been reported more than a decade ago.
