CVE-2024-7029
Apache Router Command Injection
Description
Commands can be injected over the network and executed without authentication.
INFO
Published Date :
Aug. 2, 2024, 3:16 p.m.
Last Modified :
Sept. 17, 2024, 1:30 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
5.9
Exploitability Score :
3.9
Public PoC/Exploit Available at Github
CVE-2024-7029 has a 6 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-7029.
| URL | Resource |
|---|---|
| https://www.akamai.com/blog/security-research/2024-corona-mirai-botnet-infects-zero-day-sirt | Exploit Third Party Advisory |
| https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-07 | Third Party Advisory US Government Resource |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
A PoC exploit for the CVE-2024-7029 vulnerability found in AvTech devices, allowing Remote Code Execution (RCE)
Python
A PoC tool for exploiting CVE-2024-7029 in AvTech devices, enabling RCE, vulnerability scanning, and an interactive shell.
abdal-security-group ebrasha avtech cctv exploit poc cve-2024-7029 remote-code-execution
C#
None
Python
None
Python
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
cisa-kev vulnerability 0day cisa exploits
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
security cve exploit poc vulnerability
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-7029 vulnerability anywhere in the article.
-
The Cyber Express
Cyble Sensors Uncover Cyberattacks on Java Framework and IoT Devices
Cyble vulnerability intelligence unit has shared a report, detailing the recent cyberattacks on the Spring Java framework and hundreds of thousands of Internet of Things (IoT) devices. The report shed ... Read more
-
The Cyber Express
Progress Telerik, Cisco, QNAP and Linux Under Attack: Cyble Honeypot Sensors
Cyble’s Vulnerability Intelligence unit has detected cyberattacks on several key IT products and systems, as threat actors have been quick to exploit vulnerabilities and enterprises slow to patch them ... Read more
-
Cybersecurity News
Sophisticated Cyber Espionage: Earth Baxia Uses CVE-2024-36401 and Cobalt Strike to Infiltrate APAC
Overview of the attack chain | Image: Trend MicroIn a recent report from Trend Micro, the cyber espionage group Earth Baxia has been identified targeting government organizations in Taiwan and potenti ... Read more
-
security.nl
'38.000 end-of-life ip-camera's fabrikant AVTech benaderbaar vanaf internet'
Zo'n 38.000 ip-camera's van fabrikant AVTech die end-of-life zijn, en daardoor geen beveiligingsupdates meer ontvangen, zijn vanaf internet benaderbaar. Dat stelt securitybedrijf Censys. Eind augustus ... Read more
-
Cybersecurity News
North Korea Targets DeFi and Crypto Companies with Advanced Social Engineering Attacks
Please enable JavaScriptThe FBI has warned sternly about North Korean state-sponsored hackers employing highly sophisticated social engineering tactics to infiltrate decentralized finance (DeFi) and c ... Read more
-
Cybersecurity News
CVE-2024-38106: 0-Day Windows Kernel Vulnerability Exploited in the Wild, PoC Published
Recently, security researcher Sergey Kornienko from PixiePoint Security published an analysis and proof-of-concept (PoC) exploit for a critical zero-day vulnerability in the Windows Kernel, identified ... Read more
-
Cybersecurity News
Researcher Identifies ToddyCat-Inspired APT Attack Leveraging ICMP Backdoor and Microsoft Exchange Flaws
Image: KasperskyCybersecurity researchers at Kaspersky’s Global Emergency Response Team (GERT) have uncovered a sophisticated attack involving an ICMP backdoor, bearing striking similarities to the ta ... Read more
-
Cybersecurity News
AISURU Botnet Identified in Massive DDoS Attack on Steam
A massive, coordinated DDoS attack disrupted Steam services globally and the Perfect World Esports platform in China on the weekend of August 24-26, coinciding with the launch of the highly anticipate ... Read more
-
The Register
Check your IP cameras: There's a new Mirai botnet on the rise
in brief A series of IP cameras still used all over the world, despite being well past their end of life, have been exploited to create a new Mirai botnet. The vulnerability (CVSS 8.7, CVE-2024-7029) ... Read more
-
Cybersecurity News
Google TAG Uncovers Watering Hole Attacks on Mongolian Government Websites
In a revealing report, Google’s Threat Analysis Group (TAG) has uncovered a series of sophisticated watering hole attacks targeting Mongolian government websites between November 2023 and July 2024. T ... Read more
-
The Cyber Express
Massive Mirai Botnet Exploited Zero-Day Vulnerability in AVTECH Cameras
Researchers have discovered a botnet campaign that is exploiting several vulnerabilities, including a zero-day vulnerability (CVE-2024-7029) in AVTECH closed-circuit television (CCTV) cameras that cou ... Read more
-
BleepingComputer
Malware exploits 5-year-old zero-day to infect end-of-life IP cameras
Image: Midjourney The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not ... Read more
-
The Hacker News
Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 (CVSS score: 8.7), the vulnerability in quest ... Read more
-
security.nl
AVTech ip-camera's al maandenlang via beveiligingslek besmet met malware
Een vijf jaar oude kwetsbaarheid in ip-camera's van fabrikant van AVTech wordt al maandenlang door criminelen gebruikt om de apparaten met malware te infecteren. Volgens internetbedrijf Akamai gaat he ... Read more
-
Cybersecurity News
Mirai Botnet Exploits Zero-Day Vulnerability CVE-2024-7029 in AVTECH IP Cameras
Akamai’s Security Intelligence Response Team (SIRT) has discovered a widespread Mirai botnet campaign exploiting a recently disclosed zero-day vulnerability (CVE-2024-7029) in AVTECH IP cameras. The v ... Read more
-
Ars Technica
Unpatchable 0-day in surveillance cam is being exploited to install Mirai
MIRAI STRIKES AGAIN — Vulnerability is easy to exploit and allows attackers to remotely execute commands. Malicious hackers are exploiting a critical vulnerability in a widely used security camera ... Read more
-
Dark Reading
CCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet
Source: David Warren via Alamy Stock Photo Industrial control systems and critical infrastructure operators are being warned about a campaign leveraging a known zero-day vulnerability in remote monito ... Read more
-
Cybersecurity News
Critical Flaw Discovered in Popular Python Library Pandas
Information Stealer Malware on the Rise: ACSC Issues Urgent Cybersecurity WarningThe Australian Cyber Security Centre (ACSC) has issued a warning about the escalating threat of information stealer mal ... Read more
-
security.nl
VS waarschuwt voor actief misbruik van beveiligingslek in AVTech ip-camera
Het cyberagentschap van de Amerikaanse overheid waarschuwt voor actief misbruik van een kritieke kwetsbaarheid in een ip-camera van fabrikant AVTech en een beveiligingsupdate is niet beschikbaar. Het ... Read more
The following table lists the changes that have been made to the
CVE-2024-7029 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Initial Analysis by [email protected]
Sep. 17, 2024
Action Type Old Value New Value Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Changed Reference Type https://www.akamai.com/blog/security-research/2024-corona-mirai-botnet-infects-zero-day-sirt No Types Assigned https://www.akamai.com/blog/security-research/2024-corona-mirai-botnet-infects-zero-day-sirt Exploit, Third Party Advisory Changed Reference Type https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-07 No Types Assigned https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-07 Third Party Advisory, US Government Resource Added CPE Configuration AND OR *cpe:2.3:o:avtech:avm1203_firmware:*:*:*:*:*:*:*:* versions up to (including) fullimg-1023-1007-1011-1009 OR cpe:2.3:h:avtech:avm1203:-:*:*:*:*:*:*:* -
CVE Modified by [email protected]
Aug. 30, 2024
Action Type Old Value New Value Added Reference ICS-CERT https://www.akamai.com/blog/security-research/2024-corona-mirai-botnet-infects-zero-day-sirt [No types assigned] -
CVE Received by [email protected]
Aug. 02, 2024
Action Type Old Value New Value Added Description Commands can be injected over the network and executed without authentication. Added Reference ICS-CERT https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-07 [No types assigned] Added CWE ICS-CERT CWE-77 Added CVSS V3.1 ICS-CERT AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Added CVSS V4.0 ICS-CERT CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-7029 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-7029
weaknesses.