The affected device expose a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. By successfully exploiting this flaw, remote unauthenticated attacker can gain arbitrary command execution on the device with elevated privileges.This issue affects Archer C4500X: through 1_1.1.6.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ONEKEY

Published: 2024-05-27T07:22:59.959Z

Updated: 2024-08-01T21:03:10.451Z

Reserved: 2024-05-16T21:01:26.696Z

Link: CVE-2024-5035

cve-icon Vulnrichment

Updated: 2024-08-01T21:03:10.451Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-27T08:15:09.490

Modified: 2024-11-21T09:46:49.497

Link: CVE-2024-5035

cve-icon Redhat

No data.