CVE-2024-4231
📋 TL;DR
This vulnerability allows attackers with physical access to gain root shell access on Digisol DG-GR1321 routers by connecting to exposed UART pins on the serial interface. It affects organizations using these routers where physical security is insufficient. The attacker can then access sensitive information and potentially modify system configurations.
💻 Affected Systems
- Digisol Router DG-GR1321
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of router with root access, allowing attacker to steal all credentials, modify routing/firewall rules, install persistent malware, and pivot to internal networks.
Likely Case
Attacker gains root access to router, extracts configuration data including passwords, and potentially disrupts network connectivity.
If Mitigated
With proper physical security controls, the vulnerability cannot be exploited as physical access is required.
🎯 Exploit Status
Exploitation requires physical access, UART pin identification, and serial connection tools. No authentication bypass needed once physical access is obtained.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not available
Vendor Advisory: https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0158
Restart Required: No
Instructions:
No official patch available. Contact Digisol for firmware updates or mitigation guidance.
🔧 Temporary Workarounds
Physical Security Enhancement
allImplement physical security controls to prevent unauthorized access to router hardware
UART Pin Disable/Obscure
allPhysically obscure or disable UART pins on the PCB to prevent serial connection
🧯 If You Can't Patch
- Implement strict physical access controls to network equipment rooms/cabinets
- Consider replacing affected routers with models that have proper UART security controls
🔍 How to Verify
Check if Vulnerable:
Check router model (DG-GR1321), hardware version (3.7L), and firmware version (v3.2.02). Physically inspect for exposed UART pins on PCB.Check Version:
Login to router web interface or check sticker on device for firmware versionVerify Fix Applied:
No fix available to verify. Ensure physical security measures prevent unauthorized physical access.📡 Detection & Monitoring
Log Indicators:
- Serial console access logs (if enabled)
- Unexpected configuration changes
- Authentication from unknown serial terminals
Network Indicators:
- Sudden routing changes
- Unexpected firewall rule modifications
- New administrative sessions
SIEM Query:
Search for serial/console access events, configuration changes without proper authorization, or root shell access from unexpected sources