CVE-2024-6421

CVSS Score: 7.5 HIGH

📋 TL;DR

CVE-2024-6421 allows unauthenticated remote attackers to read sensitive device information through an incorrectly configured FTP service. This affects devices running vulnerable FTP implementations with improper access controls. Organizations using affected FTP services on network devices are at risk.

💻 Affected Systems

Products:
  • Specific products not detailed in provided references
Versions: Not specified in provided references
Operating Systems: Not specified
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in FTP service configurations that allow anonymous or unauthenticated access to sensitive directories.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise leading to network infiltration, credential theft, and lateral movement across infrastructure.

🟠 Likely Case

Exposure of sensitive configuration data, credentials, and device information enabling reconnaissance for further attacks.

🟢 If Mitigated

Limited information disclosure with no access to critical systems or data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only FTP client access to the vulnerable service.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: https://cert.vde.com/en/advisories/VDE-2024-038

Restart Required: No

Instructions:

1. Review the vendor advisory for specific product guidance.
2. Apply configuration changes to the FTP service.
3. Test functionality after the changes.

🔧 Temporary Workarounds

Disable Anonymous FTP Access (applies to: all)

Configure the FTP service to require authentication for all access.

Edit the FTP configuration file to set 'anonymous_enable=NO' or the equivalent for your FTP server.

Restrict FTP Directory Access (applies to: all)

Configure the FTP service to limit accessible directories to non-sensitive locations.

Edit the FTP configuration to set appropriate chroot or directory restrictions.

🧯 If You Can't Patch

  • Implement network segmentation to isolate FTP services
  • Deploy network-based controls to block unauthenticated FTP access

🔍 How to Verify

Check if Vulnerable:

Attempt an anonymous FTP connection to the service and check whether sensitive directories are accessible.

Check Version:

Check FTP service version and configuration settings

Verify Fix Applied:

Test that anonymous FTP connections are rejected and authenticated access works properly

📡 Detection & Monitoring

Log Indicators:

  • Anonymous FTP login attempts
  • Access to sensitive directories via FTP

Network Indicators:

  • Unusual FTP traffic patterns
  • Multiple failed authentication attempts

SIEM Query:

source="ftp.log" AND (anonymous_login OR access_denied)
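As an added example (not code from the page or the vendor), a small Python detector that applies the log indicators above to constructed vsftpd-style log lines: it flags anonymous logins, transfers touching sensitive directories, and clients exceeding a failed-login threshold. The log format, the sensitive-directory list and the threshold are assumptions to adapt to the affected device.

```python
import re
from collections import Counter

# Constructed sample lines in vsftpd's log style (assumption: the device's real
# FTP log format is not given on the page; adapt LINE_RE to it). Anonymous
# sessions appear as user [ftp] and carry "anon password" on login.
SAMPLE_LOG = """\
Mon Jun 10 09:12:02 2024 [pid 2030] [ftp] OK LOGIN: Client "203.0.113.7", anon password "mozilla@"
Mon Jun 10 09:12:05 2024 [pid 2032] [ftp] OK DOWNLOAD: Client "203.0.113.7", "/config/device.cfg", 4096 bytes, 120.00Kbyte/sec
Mon Jun 10 09:15:10 2024 [pid 2040] [svc] OK LOGIN: Client "192.0.2.15"
Mon Jun 10 09:15:12 2024 [pid 2041] [svc] OK DOWNLOAD: Client "192.0.2.15", "/pub/readme.txt", 120 bytes, 1.00Kbyte/sec
Mon Jun 10 09:16:00 2024 [pid 2050] [svc] FAIL LOGIN: Client "198.51.100.9"
Mon Jun 10 09:16:03 2024 [pid 2051] [svc] FAIL LOGIN: Client "198.51.100.9"
Mon Jun 10 09:16:07 2024 [pid 2052] [svc] FAIL LOGIN: Client "198.51.100.9"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\w{3} \w{3} +\d+ [\d:]+ \d{4}) \[pid \d+\] '
    r'(?:\[(?P<user>[^\]]+)\] )?(?P<status>OK|FAIL) (?P<event>[A-Z]+): '
    r'Client "(?P<client>[^"]+)"(?P<rest>.*)$'
)
PATH_RE = re.compile(r', "(?P<path>[^"]+)"')

# Constructed list: directories that must never be reachable over FTP,
# let alone by an anonymous user. Tune to the device's actual layout.
SENSITIVE_PREFIXES = ("/config", "/etc", "/flash", "/private")
FAIL_THRESHOLD = 3  # failed logins per client before flagging

def analyse_ftp_log(text, sensitive=SENSITIVE_PREFIXES, fail_threshold=FAIL_THRESHOLD):
    # Findings come out in log order, with failed-login summaries appended last.
    findings = []
    failures = Counter()
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # CONNECT lines and unrelated output are ignored
        client, status, event, rest = m["client"], m["status"], m["event"], m["rest"]
        if event == "LOGIN" and status == "FAIL":
            failures[client] += 1
        elif event == "LOGIN" and "anon password" in rest:
            findings.append({"type": "anonymous_login", "client": client, "ts": m["ts"]})
        elif event in ("DOWNLOAD", "UPLOAD"):
            pm = PATH_RE.search(rest)
            if pm and pm["path"].startswith(sensitive):
                findings.append({"type": "sensitive_path_access", "client": client,
                                 "user": m["user"], "path": pm["path"]})
    for client, n in failures.items():
        if n >= fail_threshold:
            findings.append({"type": "brute_force_suspect", "client": client, "count": n})
    return findings
```

Running `analyse_ftp_log(SAMPLE_LOG)` yields three findings: the anonymous login, the anonymous download of `/config/device.cfg`, and the client with three failed logins; the authenticated download from `/pub` is not flagged.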
