Latest Cyber Security News

You are here: Home / General Cyber Security News / Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
January 17, 2025

Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices.

“These switches are widely used in building and home automation systems for a variety of networking applications,” Claroty’s Tomer Goldschmidt said in a Thursday report. “An attacker who is able to remotely control one of these devices can use them to further exploit devices in an internal network and do lateral movement.”

Cybersecurity

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The operational technology security firm, which carried out an extensive analysis of the firmware used in these switches using the QEMU framework, said the vulnerabilities are rooted in the dispatcher.cgi interface used to provide a web service. The list of flaws is below –

  • CVE-2024-52558 (CVSS score: 5.3) – An integer underflow flaw that can allow an unauthenticated attacker to send a malformed HTTP request, resulting in a crash
  • CVE-2024-52320 (CVSS score: 9.8) – An operating system command injection flaw that can allow an unauthenticated attacker to send commands through a malicious HTTP request, resulting in remote code execution
  • CVE-2024-48871 (CVSS score: 9.8) – A stack-based buffer overflow flaw that can allow an unauthenticated attacker to send a malicious HTTP request, resulting in remote code execution

Successful exploitation of the flaws could permit an attacker to hijack the execution flow by embedding a shellcode in the HTTP request and gain the ability to execute operating system commands.

Following responsible disclosure, the Taiwanese company has rolled out patches for the shortcomings with version 1.305b241111 released on November 15, 2024.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.


Some parts of this article are sourced from:
thehackernews.com

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *