CVERadar

CVE-2024-45348

Medium Severity

SVRS

30/100

CVSSv3

6.4/10

EPSS

0.00045/1

CVE-2024-45348 is a post-authorization command injection vulnerability affecting the Xiaomi Router AX9000. This vulnerability allows attackers to execute arbitrary code due to insufficient validation of user input after authentication. While the CVSS score is 6.4, the SOCRadar Vulnerability Risk Score (SVRS) is 30, indicating a relatively lower level of immediate threat compared to critical vulnerabilities. An attacker who has already gained authorized access to the router's management interface can leverage this flaw to inject and execute malicious commands. This can lead to complete system compromise, potentially enabling data theft, denial of service, or use of the router as part of a botnet. Even with the low SVRS, users should still apply available patches or mitigations to prevent exploitation, as the risk could escalate if this is combined with other vulnerabilities or if exploit code becomes widely available. Failure to address CVE-2024-45348 could expose networks to significant risks, highlighting the importance of security updates.

TAGS

No tags available

VECTOR STRING

CVSS:3.1

AV:N

AC:H

PR:H

UI:R

S:U

C:H

I:H

A:H

PUBLICATION DATE2025-03-27

LAST MODIFIED2024-09-23

SOCRadar

AI Insight

Description

CVE-2024-45348 is a post-authorization command injection vulnerability in Xiaomi Router AX9000. This vulnerability arises due to insufficient validation of user input, allowing attackers to execute arbitrary code. The SVRS of 46 indicates a moderate risk, highlighting the need for attention and appropriate mitigation measures.

Key Insights

Exploitation: Active exploits have been published, indicating that attackers are actively exploiting this vulnerability.
Impact: Successful exploitation could allow attackers to execute arbitrary code on the affected router, potentially leading to remote code execution, data theft, or denial of service.
Affected Devices: Xiaomi Router AX9000 is the only known affected device.
CISA Warning: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning, urging organizations to take immediate action to mitigate this vulnerability.

Mitigation Strategies

Apply Software Updates: Install the latest firmware update from Xiaomi to patch the vulnerability.
Disable Remote Management: If possible, disable remote management features on the router to reduce the attack surface.
Use Strong Passwords: Set strong and unique passwords for the router's administrative interface.
Enable Firewall: Configure a firewall to block unauthorized access to the router's management ports.

Additional Information

Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as actively exploiting this vulnerability.
In the Wild: The vulnerability is actively exploited by hackers.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

CVE-2024-45348 | Xiaomi Router AX9000 1.0.173 command injection

vuldb.com2025-03-09

CVE-2024-45348 | Xiaomi Router AX9000 1.0.173 command injection | A vulnerability classified as critical has been found in Xiaomi Router AX9000 1.0.173. Affected is an unknown function. The manipulation leads to command injection. This vulnerability is traded as CVE-2024-45348. It is possible to launch the attack remotely. There is no exploit available.

vuldb.com

rss

forum

news

Social Media

CVE

@CVEnew

2024-09-23

CVE-2024-45348 Xiaomi Router AX9000 has a post-authorization command injection vulnerability. This vulnerability is caused by the lack of validation of user input, and an attacker c… https://t.co/aqV69eNxpe

Affected Software

No affected software found for this CVE

References

Reference	Link
[email protected]	https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=547

CWE Details

CWE ID	CWE Name	Description
CWE-77	Improper Neutralization of Special Elements used in a Command ('Command Injection')	The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence