CVE-2024-8892
published 2024-09-18CVE-2024-8892: Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the…
PriorityP262critical9.1CVSS 3.1
AVNACLPRNUINSUCNIHAH
EPSS
0.34%
26.4th percentile
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the device and thus disabling its use. This equipment is at the end of its useful life cycle.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| circutor | circutor_tcp2rs | — | — |
| circutor | tcp2rs_+_firmware | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-09-18
Published