CVE-2024-55211
CVE-2024-55211 affects Think Router Tk-Rt-Wr135G, enabling authentication bypass. Attackers can exploit this vulnerability using a crafted cookie. The SOCRadar Vulnerability Risk Score (SVRS) for CVE-2024-55211 is 30, indicating a risk that is below critical but still warrants attention. This flaw allows unauthorized access to the router's configuration and functionalities. While the CVSS score is 0, the SVRS provides additional context through external threat intelligence. Exploitation could lead to compromised network security. Despite the low SVRS, monitoring for exploitation attempts is advised, especially given the "In The Wild" tag.
Description
CVE-2024-55211 describes an authentication bypass vulnerability in Think Router Tk-Rt-Wr135G V3.0.2-X000. Attackers can exploit this flaw by crafting a malicious cookie, allowing them to gain unauthorized access. While the CVSS score is 0, the SOCRadar Vulnerability Risk Score (SVRS) is 30, and the vulnerability is actively exploited in the wild. This indicates a potentially significant risk despite the low CVSS score, requiring further investigation and mitigation.
Key Insights
- Authentication Bypass: The core issue is a complete bypass of the authentication mechanism, granting attackers potentially full control over the affected router.
- In The Wild Exploitation: The "In The Wild" tag highlights that this vulnerability is actively being exploited by hackers, increasing the urgency for immediate mitigation. This makes it significantly more dangerous than the CVSS score indicates.
- Cookie-Based Attack: The vulnerability is triggered via a crafted cookie. This suggests a network-based attack vector, making it easily exploitable remotely, assuming the attacker has network access to the router.
- SVRS vs CVSS: The discrepancy between the low CVSS score (0) and the SVRS (30) highlights the importance of considering real-world exploitability and threat landscape data. The SVRS takes into account the active exploitation, which the CVSS does not capture effectively in this case.
Mitigation Strategies
- Firmware Update: Immediately check for and apply any available firmware updates from the vendor (Think Router) that address this vulnerability. This is the most effective long-term solution.
- Network Segmentation: Isolate the Think Router on a separate network segment if possible, limiting its access to critical resources and reducing the potential impact of a successful exploit.
- Monitor Network Traffic: Implement network monitoring and intrusion detection systems to identify and alert on any suspicious traffic originating from or targeting the affected router. Specifically, look for unusual cookie-related activity.
- Access Control Lists (ACLs): Implement strict access control lists (ACLs) on the router to limit access to the administration interface to only authorized IP addresses.
Additional Information
Given the active exploitation and authentication bypass, this vulnerability should be treated as a priority. If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.