CVE-2024-33896

HIGH

ewon Cosy+ Firmware 21.x < 21.2s10 and 22.x < 22.1s3 - OS Command Injection via Parameter Blacklist Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-33896. PoCs published by CodeB0ss.

AI-analyzed exploit summary This exploit leverages a command injection vulnerability in Ewon Cosy+ firmware 21.2s7 by uploading a malicious OpenVPN configuration file. The configuration uses the '--up' parameter to execute a reverse shell, granting root access to the attacker.

Description

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. This is fixed in version 21.2s10 and 22.1s3.

Exploits (1)

exploitdb WORKING POC
by CodeB0ss · pythonhardwaremultiple
https://www.exploit-db.com/exploits/52160

This exploit leverages a command injection vulnerability in Ewon Cosy+ firmware 21.2s7 by uploading a malicious OpenVPN configuration file. The configuration uses the '--up' parameter to execute a reverse shell, granting root access to the attacker.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Ewon Cosy+ firmware 21.2s7
Auth required
Prerequisites: Authenticated access to the device · Ability to upload custom OpenVPN configuration
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v3 7.2
EPSS 0.0402
EPSS Percentile 89.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-78
Status published
Products (1)
hms-networks/ewon_cosy\+_firmware 21.0 - 21.2s10
Published Aug 02, 2024
Tracked Since Feb 18, 2026