CVE-2024-36475

Q: What is the severity of CVE-2024-36475?

CVE-2024-36475 has a CVSS score of 8.8 (HIGH). This vulnerability in Century Systems' FutureNet NXR, VXR, and WXR series allows authenticated users with debug function knowledge to execute arbitrary OS commands via active debug code. It affects organizations using these network devices, potentially leading to full system compromise.

8.8 HIGH

Remote Code Execution

📋 TL;DR

This vulnerability in Century Systems' FutureNet NXR, VXR, and WXR series allows authenticated users with debug function knowledge to execute arbitrary OS commands via active debug code. It affects organizations using these network devices, potentially leading to full system compromise.

💻 Affected Systems

Products:

FutureNet NXR series
FutureNet VXR series
FutureNet WXR series

Versions: All versions prior to patches released July 2024

Operating Systems: Embedded OS on affected devices

Default Config Vulnerable: ⚠️ Yes

Notes: Requires authenticated user with debug function knowledge

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system takeover, data exfiltration, lateral movement within network, and persistent backdoor installation.

🟠

Likely Case

Unauthorized command execution leading to configuration changes, service disruption, or credential harvesting.

🟢

If Mitigated

Limited impact if debug functions are disabled and access is restricted to trusted administrators only.

🌐 Internet-Facing: HIGH

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires authentication but debug function usage is straightforward for knowledgeable users

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches released July 16, 2024

Vendor Advisory: https://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.html

Restart Required: Yes

Instructions:

1. Download firmware update from Century Systems website. 2. Backup current configuration. 3. Apply firmware update via device management interface. 4. Reboot device. 5. Verify debug functions are disabled.

🔧 Temporary Workarounds

Disable Debug Functions

all

Disable all debug functionality in device configuration

Configure via device management interface: Disable debug mode and remove debug user accounts

Restrict Administrative Access

all

Limit device management access to trusted IP addresses only

Configure access control lists to restrict management interface access

🧯 If You Can't Patch

Isolate affected devices in separate network segments with strict firewall rules
Implement multi-factor authentication for all administrative access

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against patched versions listed in vendor advisory

Check Version:

Check via device web interface or CLI: show version

Verify Fix Applied:

Verify firmware version is updated and debug functions are disabled in configuration

📡 Detection & Monitoring

Log Indicators:

Debug mode activation logs
Unusual command execution patterns
Authentication from unexpected sources

Network Indicators:

Unexpected outbound connections from devices
Anomalous traffic patterns from management interfaces

SIEM Query:

source="device_logs" AND (event="debug_mode" OR command="system" OR command="shell")

📊 Metadata

CVE ID: CVE-2024-36475

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-78

Published: July 17, 2024

Last Updated: November 21, 2024

🔗 References

https://jvn.jp/en/vu/JVNVU96424864/ Third Party Advisory
https://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.html Vendor Advisory
https://www.centurysys.co.jp/backnumber/nxr_common/20240716-03.html Vendor Advisory
https://jvn.jp/en/vu/JVNVU96424864/ Third Party Advisory
https://www.centurysys.co.jp/backnumber/nxr_common/20240716-01.html Vendor Advisory
https://www.centurysys.co.jp/backnumber/nxr_common/20240716-03.html Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Futurenet Nxr 120\/c Firmware by Centurysys

Futurenet Nxr 1200 Firmware by Centurysys

Futurenet Nxr 125\/cx Firmware by Centurysys

Futurenet Nxr 130\/c Firmware by Centurysys

Futurenet Nxr 1300 Firmware by Centurysys

Futurenet Nxr 155\/c Firmware by Centurysys

Futurenet Nxr 160\/lw Firmware by Centurysys

Futurenet Nxr 230\/c Firmware by Centurysys

Futurenet Nxr 350\/c Firmware by Centurysys

Futurenet Nxr 530 Firmware by Centurysys

Futurenet Nxr 610x Firmware by Centurysys

Futurenet Nxr 650 Firmware by Centurysys

Futurenet Nxr G050 Firmware by Centurysys

Futurenet Nxr G060 Firmware by Centurysys

Futurenet Nxr G100 Firmware by Centurysys

Futurenet Nxr G110 Firmware by Centurysys

Futurenet Nxr G120 Firmware by Centurysys

Futurenet Nxr G180\/l Ca Firmware by Centurysys

Futurenet Nxr G200 Firmware by Centurysys

Futurenet Vxr X64 by Centurysys

Futurenet Vxr X86 by Centurysys

Futurenet Wxr 250 Firmware by Centurysys