CVE-2024-30078

HIGH

Windows Wi-Fi Driver - Remote Code Execution

Title source: manual

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-30078. PoCs published by 52by.

AI-analyzed exploit summary The repository contains functional exploit code for CVE-2024-30078, demonstrating a vulnerability check and command execution via HTTP POST requests with JSON payloads. The PoC includes two Python scripts that target a specific endpoint to detect and exploit the vulnerability.

Description

Windows Wi-Fi Driver Remote Code Execution Vulnerability

Exploits (2)

github WORKING POC 9 stars

by 52by · pythonpoc

https://github.com/52by/CVE-2024-30078

View Code ZIP pw:eip

The repository contains functional exploit code for CVE-2024-30078, demonstrating a vulnerability check and command execution via HTTP POST requests with JSON payloads. The PoC includes two Python scripts that target a specific endpoint to detect and exploit the vulnerability.

Classification

Working Poc 80%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Unknown (endpoint '/check' suggests a web application)

No auth needed

Prerequisites: Network access to the target endpoint · Target application must be vulnerable to CVE-2024-30078

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 19, 2026 Full analysis →

inthewild WORKING POC

poc

https://github.com/lvyitian/cve-2024-30078-

View Code ZIP pw:eip

The repository contains a functional NASL script for detecting and exploiting CVE-2024-30078, a command injection vulnerability in web applications. The script checks for vulnerability by sending a crafted HTTP request and executes a specified command if the target is vulnerable.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Unspecified web applications with improper input validation

No auth needed

Prerequisites: Target IP and port · Vulnerable endpoint · Nessus tool for script execution

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (3)

Core 3

Core References

Patch, Vendor Advisory vendor-advisory

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30078

Third Party Advisory

https://www.vicarius.io/vsociety/posts/cve-2024-30078-detection-script-windows-wi-fi-driver-remote-code-execution-vulnerability

Third Party Advisory

https://www.vicarius.io/vsociety/posts/cve-2024-30078-mitigation-script-windows-wi-fi-driver-remote-code-execution-vulnerability

Scores

CVSS v3 8.8

EPSS 0.2500

EPSS Percentile 96.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-20

Status published

Products (16)

microsoft/windows_10_1507 < 10.0.10240.20680

microsoft/windows_10_1607 < 10.0.14393.7070

microsoft/windows_10_1809 < 10.0.17763.5936

microsoft/windows_10_21h2 < 10.0.19044.4529

microsoft/windows_10_22h2 < 10.0.19045.4529

microsoft/windows_11_21h2 < 10.0.22000.3019

microsoft/windows_11_22h2 < 10.0.22621.3737

microsoft/windows_11_23h2 < 10.0.22631.3737

microsoft/windows_server_2008 (2 CPE variants)

microsoft/windows_server_2008 r2 sp1

... and 6 more

Published Jun 11, 2024

Tracked Since Feb 18, 2026