CVE-2024-45274 – This critical vulnerability allows unauthentica... (How to Fix)

Q: What is the severity of CVE-2024-45274?

CVE-2024-45274 has a CVSS score of 9.8 (CRITICAL). This critical vulnerability allows unauthenticated remote attackers to execute arbitrary operating system commands on affected devices via UDP packets. It affects network devices with missing authentication mechanisms in UDP services. Organizations using vulnerable devices exposed to networks are at risk.

📋 TL;DR

This critical vulnerability allows unauthenticated remote attackers to execute arbitrary operating system commands on affected devices via UDP packets. It affects network devices with missing authentication mechanisms in UDP services. Organizations using vulnerable devices exposed to networks are at risk.

💻 Affected Systems

Products:

Specific device models not explicitly listed in provided references, but appears to be network/embedded devices

Versions: Not specified in provided references

Operating Systems: Embedded/Linux-based systems on network devices

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in default configurations where UDP services are enabled without authentication

📦 What is this software?

Mbnet.mini Firmware by Mbconnectline

View all CVEs affecting Mbnet.mini Firmware →

Rex 100 Firmware by Helmholz

View all CVEs affecting Rex 100 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise leading to data theft, lateral movement, ransomware deployment, or device becoming part of botnet

🟠

Likely Case

Remote code execution allowing attacker to install malware, exfiltrate data, or disrupt device functionality

🟢

If Mitigated

Limited impact if network segmentation and strict firewall rules prevent UDP access to vulnerable services

🌐 Internet-Facing: HIGH - Unauthenticated UDP-based attack requires no credentials and can be launched remotely

🏢 Internal Only: HIGH - Even internally, unauthenticated attacks can spread laterally through networks

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

UDP-based attack requires no authentication, making exploitation straightforward once details are known

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor-specific advisories for patched versions

Vendor Advisory: https://cert.vde.com/en/advisories/VDE-2024-056

Restart Required: Yes

Instructions:

1. Identify affected devices using vendor advisories
2. Download latest firmware/software from vendor
3. Apply patch following vendor instructions
4. Restart device to activate fixes
5. Verify patch application

🔧 Temporary Workarounds

Network Segmentation

linux

Block UDP traffic to vulnerable devices at network perimeter

iptables -A INPUT -p udp --dport [VULNERABLE_PORT] -j DROP

Service Disablement

linux

Disable vulnerable UDP services if not required

systemctl disable [VULNERABLE_SERVICE]
systemctl stop [VULNERABLE_SERVICE]

🧯 If You Can't Patch

Implement strict network ACLs to block all UDP traffic to affected devices from untrusted networks
Deploy intrusion detection/prevention systems to monitor for UDP-based command execution attempts

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against vendor advisory and test UDP service response

Check Version:

Vendor-specific command (e.g., 'show version' or similar device command)

Verify Fix Applied:

Verify firmware version matches patched version and test that UDP commands no longer execute

📡 Detection & Monitoring

Log Indicators:

Unexpected UDP connections to device services
Unusual process execution from network services
Authentication bypass attempts in service logs

Network Indicators:

UDP packets to device ports followed by command execution patterns
Unusual outbound connections from device after UDP traffic

SIEM Query:

source_port:udp AND (destination_ip:[DEVICE_IP] AND command_execution_indicators)

📊 Metadata

CVE ID: CVE-2024-45274

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-306

Published: October 15, 2024

Last Updated: November 3, 2025

🔗 References

https://cert.vde.com/en/advisories/VDE-2024-056 Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2024-066 Third Party Advisory
http://seclists.org/fulldisclosure/2025/Jul/38
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-063.txt

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-45274, you might also want to check these: