CVE-2024-48456

HIGH EXPLOITED

Netis Wifi Router - Info Disclosure

Title source: llm

Exploitation Summary

CVE-2024-48456 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit, including a Metasploit module exploits/linux/http/netis_unauth_rce_cve_2024_48456_and_48457.

AI-analyzed exploit summary This Metasploit module exploits a chain of vulnerabilities in Netis routers, including unauthenticated password reset (CVE-2024-48457), command injection (CVE-2024-48456), and information disclosure (CVE-2024-48455). It achieves remote code execution by leveraging improper handling of base64-encoded parameters in the router's web interface.

Description

An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the parameter password at the change admin password page at the router web interface.

Exploits (1)

metasploit WORKING POC EXCELLENT

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/netis_unauth_rce_cve_2024_48456_and_48457.rb

View Code ZIP pw:eip

This Metasploit module exploits a chain of vulnerabilities in Netis routers, including unauthenticated password reset (CVE-2024-48457), command injection (CVE-2024-48456), and information disclosure (CVE-2024-48455). It achieves remote code execution by leveraging improper handling of base64-encoded parameters in the router's web interface.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Netis Routers (multiple firmware versions)

No auth needed

Prerequisites: Network access to the router's web interface

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Various Sources

https://github.com/users/h00die-gr3y/projects/1/views/1

Scores

CVSS v3 7.5

EPSS 0.8258

EPSS Percentile 99.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

VulnCheck KEV 2026-06-01

CWE

CWE-125

Status published

Published Jan 06, 2025

Tracked Since Feb 18, 2026