CVE-2024-30219

MEDIUM

PLANEX COMMUNICATIONS - Privilege Escalation

Title source: llm

Description

Active debug code vulnerability exists in PLANEX COMMUNICATIONS wireless LAN routers. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation may be performed. Note that MZK-MF300N is no longer supported, therefore the update for this product is not provided.

References (1)

[Third Party Advisory] https://jvn.jp/en/vu/JVNVU91975826/

Scores

CVSS v3 6.8

EPSS 0.0006

EPSS Percentile 18.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-489

Status published

Products (2)

planex/mzk-mf300hp2_firmware < 1.18

planex/mzk-mf300n_firmware

Published Apr 15, 2024

Tracked Since Feb 18, 2026