CVE-2024-46330

7.4 HIGH

📋 TL;DR

This CVE describes a command injection vulnerability in VONETS VAP11G-300 devices that allows attackers to execute arbitrary commands on the system. The vulnerability exists in the iptablesWebsFilterRun object and affects users of this specific hardware model. Attackers can potentially gain full control of affected devices.

💻 Affected Systems

Products:
  • VONETS VAP11G-300
Versions: v3.3.23.6.9
Operating Systems: Embedded Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Specific to the iptablesWebsFilterRun functionality; devices using this feature are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise leading to persistent backdoor installation, network pivoting, data exfiltration, and use in botnets or ransomware campaigns.

🟠 Likely Case

Remote code execution allowing attackers to modify device configuration, intercept network traffic, or use the device as a foothold for further attacks.

🟢 If Mitigated

Limited impact if device is isolated from sensitive networks and has restricted administrative access.

🌐 Internet-Facing: HIGH - These devices are often deployed as network bridges/access points and may be directly internet-accessible.
🏢 Internal Only: MEDIUM - Still significant risk if exploited from within the network perimeter.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The PDF reference contains technical details that could be used to create exploits; command injection vulnerabilities are typically easy to weaponize.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch is available. Check the VONETS website for firmware updates. If an update exists, download it and apply it through the device web interface.

🔧 Temporary Workarounds

Disable iptablesWebsFilterRun functionality (applies to: all)

  • Remove or disable the vulnerable iptablesWebsFilterRun feature if it is not required.
  • Check the device web interface for iptables/webs filter settings and disable them.

Network segmentation (applies to: all)

  • Isolate VAP11G-300 devices from critical networks.
  • Use firewall rules to restrict device access to management networks only.

🧯 If You Can't Patch

  • Remove device from production or replace with secure alternative
  • Implement strict network access controls and monitor for suspicious activity

🔍 How to Verify

Check if Vulnerable:

Check the device firmware version via the web interface (typically 192.168.254.254) or the serial console. If the version is v3.3.23.6.9, the device is vulnerable.

Check Version:

    curl -s http://device-ip/status | grep version

Alternatively, check the System Info page in the web interface.

Verify Fix Applied:

Verify firmware version has been updated to a version later than v3.3.23.6.9
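
For checking more than one device, the version comparison above can be scripted. This is an added example, not part of the original advisory or any vendor tooling: it classifies firmware strings from an inventory against the affected version v3.3.23.6.9 using numeric per-component comparison, so that 3.3.23.6.10 is not mistaken for an older build. The host names, inventory entries and status labels are constructed for illustration.

```python
import re

# Affected firmware version as stated on this page.
VULNERABLE = "v3.3.23.6.9"

def parse_version(text):
    """Return the version as a tuple of ints, or None if it is not dotted-numeric."""
    m = re.fullmatch(r"\s*[vV]?(\d+(?:\.\d+)*)\s*", text or "")
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))

def classify(reported):
    """Classify one reported firmware string against the affected version."""
    ver = parse_version(reported)
    if ver is None:
        return "unparseable"          # check by hand; never assume safe
    ref = parse_version(VULNERABLE)
    # Pad to equal length so "3.3.23.6.9.0" compares equal to "3.3.23.6.9".
    width = max(len(ver), len(ref))
    ver += (0,) * (width - len(ver))
    ref += (0,) * (width - len(ref))
    if ver == ref:
        return "vulnerable"
    if ver > ref:
        # Matches the "later than" check above; the page names no fixed
        # version, so confirm against the vendor's release notes as well.
        return "later"
    return "earlier-unconfirmed"      # the page says nothing about older builds

def triage(inventory):
    """Map each host in the inventory to its classification."""
    return {host: classify(fw) for host, fw in inventory.items()}

# Constructed inventory (hypothetical host names and reported strings).
SAMPLE_INVENTORY = {
    "bridge-lab-01": "v3.3.23.6.9",
    "bridge-lab-02": "3.3.23.6.10",
    "bridge-lab-03": "V3.3.23.5.2",
    "bridge-lab-04": "unknown",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```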

📡 Detection & Monitoring

Log Indicators:

  • Unusual iptables commands in system logs
  • Suspicious process execution from web interface
  • Unexpected shell commands in logs

Network Indicators:

  • Unusual outbound connections from device
  • Traffic patterns suggesting device compromise
  • Unexpected ports open on device

SIEM Query:

source="vonets-device" AND (command="*iptables*" OR process="*sh*" OR command="*bash*")
