CVE-2024-52564
published 2024-12-05CVE-2024-52564: Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote…
PriorityP278high7.5CVSS 3.0
AVNACLPRNUINSUCNIHAN
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.58%
43.3th percentile
Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary OS command may be executed and/or configuration settings of the device may be altered.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| i-o_data_device_inc | ud-lt1 | — | — |
| i-o_data_device_inc | ud-lt1_ex | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2024-52564 allows unauthenticated remote attackers to disable the firewall on affected devices without authentication — monitor for unexpected firewall state changes or unauthenticated configuration modification requests on UD-LT1 / UD-LT1/EX devices ↗
- →Exploitation has been confirmed in the wild — look for unauthorized external access attempts to the configuration interface of UD-LT1 / UD-LT1/EX routers exposed to the internet without VPN ↗
- →Attackers are targeting the Remote Management interface accessible over WAN Port, Modem, and VPN settings — alert on configuration interface access originating from untrusted/external IPs ↗
- ·CVE-2024-52564 is only partially addressed — firmware v2.1.9 fixes this specific CVE, but CVE-2024-45841 and CVE-2024-47133 remain unpatched until v2.2.0; detection posture must account for all three active vulnerabilities on affected devices ↗
- ·Affected firmware versions are UD-LT1 and UD-LT1/EX Ver.2.1.8 and earlier — scope detection rules accordingly to these device models and firmware versions ↗
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
vulncheck7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4x5w-w3cm-m967: Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver
ghsa_unreviewed·2024-12-05
CVE-2024-52564 [HIGH] CWE-1242 GHSA-4x5w-w3cm-m967: Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver
Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary OS command may be executed and/or configuration settings of the device may be altered.
VulnCheck
UD-LT1 and UD-LT1/EX Firmware Arbitrary OS Command Execution
vulncheck·2024·CVSS 7.5
CVE-2024-52564 [HIGH] UD-LT1 and UD-LT1/EX Firmware Arbitrary OS Command Execution
UD-LT1 and UD-LT1/EX Firmware Arbitrary OS Command Execution
Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary OS command may be executed and/or configuration settings of the device may be altered.
Affected: I-O DATA DEVICE, INC UD-LT1 and UD-LT1/EX
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://jvn.jp/en/jp/JVN46615026/index.html
No detection rules found.
No public exploits indexed.
2024-12-05
Published
Exploited in the wild