by vicarius
log in join community
by @secatgourity
26 Apr 2024
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

Exploiting CVE-2024-4022 - Information Disclosure in Keenetic Router

by @secatgourity
by @secatgourity
26 Apr 2024
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

Exploiting CVE-2024-4022 - Information Disclosure in Keenetic Router

OS

Kali Linux
Kali LinuxKali
2024.1.*
2020.3.*
2019.4.*

Screenshots from the blog posts

images/clvb3wws9gycb1imx853qc4mw.jpgimages/clvb3wws9gycb1imx853qc4mw.jpg

Summary

A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been rated as problematic. For the affected devices, the `/version.js` and `/ndmComponents.js` files provide sensitive configuration details without any authentication! This post covers the exploit to pull this information from the affected devices.

general

Description

Tags

#exposed_to_sensitive_information_disclosure#trendingCVE#trending#router#keenetic

@secatgourity

190 posts

Total vcoins

0

Social media links

Comments (0)