cbcvebase.
CVE-2024-58337
published 2025-12-30

CVE-2024-58337: Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings and…

PriorityP425medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
EPSS
0.21%
11.2th percentile
Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings and configurations. Attackers can exploit this vulnerability to escalate privileges and gain unauthorized access to administrative functionalities.

Affected

24 ranges
VendorProductVersion rangeFixed in
akuvoxc313w-2_firmware
akuvoxe16c_firmware
akuvoxnc-2_firmware
akuvoxns-2_firmware
akuvoxnx-2_firmware
akuvoxr20a-2_firmware
akuvoxr20k-2_firmware
akuvoxr29_firmware
akuvoxs532_firmware
akuvoxs539_firmware
akuvoxx912_firmware
akuvoxx915_firmware
akuvoxx916_firmware
the_akuvox_companyakuvox_smart_doorphone
the_akuvox_companyakuvox_smart_doorphone
the_akuvox_companyakuvox_smart_doorphone
the_akuvox_companyakuvox_smart_doorphone
the_akuvox_companyakuvox_smart_doorphone
the_akuvox_companyakuvox_smart_intercom
the_akuvox_companyakuvox_smart_intercom
the_akuvox_companyakuvox_smart_intercom
the_akuvox_companyakuvox_smart_intercom
the_akuvox_companyakuvox_smart_intercom
the_akuvox_companyakuvox_smart_intercom

CVSS provenance

nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvdv4.08.7HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.