CVE-2024-32238

CRITICAL EXPLOITED NUCLEI

H3C ER8300G2-X - Insufficiently Protected Credentials via Management System Page

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2024-32238 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including FuBoLuSec. A Nuclei detection template is also available.

AI-analyzed exploit summary This script exploits an arbitrary file read vulnerability in TOTOLINK ER8300G2 routers by sending a crafted HTTP GET request to retrieve the device configuration file. The exploit checks for a successful response and saves the configuration data if the vulnerability is confirmed.

Description

H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's management system can be accessed via the management system page login interface.

Exploits (1)

nomisec WORKING POC 1 stars
by FuBoLuSec · infoleak
https://github.com/FuBoLuSec/CVE-2024-32238

This script exploits an arbitrary file read vulnerability in TOTOLINK ER8300G2 routers by sending a crafted HTTP GET request to retrieve the device configuration file. The exploit checks for a successful response and saves the configuration data if the vulnerability is confirmed.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: TOTOLINK ER8300G2
No auth needed
Prerequisites: Network access to the target device · Target device must be running vulnerable firmware
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

H3C ER8300G2-X - Password Disclosure
CRITICALVERIFIEDby s4e-io,adeljck
FOFA: body="icg_helpScript.js"

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.5323
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

VulnCheck KEV 2025-02-27
CWE
CWE-522
Status published
Published Apr 22, 2024
Tracked Since Feb 18, 2026