Login Sign Up

CVE-2024-23978

9.8 CRITICAL
Remote Code Execution Buffer Overflow

📋 TL;DR

A heap-based buffer overflow vulnerability in HOME SPOT CUBE2 routers allows attackers to execute arbitrary code by sending specially crafted invalid values. This affects HOME SPOT CUBE2 V102 and earlier versions. The affected products are end-of-life and no longer receive security updates.

💻 Affected Systems

Products:
  • HOME SPOT CUBE2
Versions: V102 and earlier
Operating Systems: Embedded router firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All configurations are vulnerable. The product is end-of-life and no longer supported by the vendor.

📦 What is this software?

Home Spot Cube 2 Firmware by Kddi

View all CVEs affecting Home Spot Cube 2 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise leading to persistent backdoor installation, credential theft, and pivot point for attacking internal networks.

🟠

Likely Case

Remote code execution allowing attackers to modify device settings, intercept network traffic, or use the device for botnet activities.

🟢

If Mitigated

Limited impact if device is isolated from critical networks and internet access is restricted.

🌐 Internet-Facing: HIGH - These are consumer routers typically directly exposed to the internet with default configurations.
🏢 Internal Only: MEDIUM - If placed behind firewalls or in isolated networks, but still vulnerable to internal threats.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires sending invalid values to trigger the buffer overflow. No authentication is required for exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: None available

Vendor Advisory: https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/

Restart Required: No

Instructions:

No official patch exists. The vendor has discontinued support. Replace affected devices with supported alternatives.

🔧 Temporary Workarounds

Network Isolation

all

Place affected devices in isolated network segments with strict firewall rules

Access Control Lists

all

Implement network ACLs to restrict traffic to/from affected devices

🧯 If You Can't Patch

  • Immediately replace affected HOME SPOT CUBE2 devices with supported, secure alternatives
  • If replacement is delayed, isolate devices from critical networks and implement strict network segmentation

🔍 How to Verify

Check if Vulnerable:

Check device firmware version via web interface or serial console. If version is V102 or earlier, device is vulnerable.

Check Version:

Check device label or web interface for firmware version

Verify Fix Applied:

No fix available. Verification requires device replacement.

📡 Detection & Monitoring

Log Indicators:

  • Unusual memory allocation patterns
  • Crash logs indicating buffer overflow
  • Unexpected process restarts

Network Indicators:

  • Unusual traffic patterns to/from router
  • Suspicious payloads targeting router management interfaces

SIEM Query:

source="router_logs" AND ("buffer overflow" OR "memory corruption" OR "segmentation fault")

📊 Metadata

CVE ID: CVE-2024-23978
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: February 2, 2024
Last Updated: May 15, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-23978, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)
CVE-2020-14871 10.0

This is a critical buffer overflow vulnerability (CWE-787) in Oracle Solaris's Pluggable Authenticat...

Same vulnerability type (CWE-787)