CVE-2024-51399

MEDIUM

Altai Technologies Ltd Altai IX500 Indoor - Info Disclosure

Title source: llm

Description

Altai Technologies Ltd Altai IX500 Indoor 22 802.11ac Wave 2 AP After login, there are file reads in the background, and attackers can obtain sensitive information such as user credentials, system configuration, and database connection strings, which can lead to data breaches and identity theft.

References (1)

[Various Sources] https://github.com/HuhaiOvO/Altai/blob/main/Altai%20IX500%20Indoor%202%C3%972%20802.11ac%20Wave%202%20AP%20file%20read.docx

View Writeup ZIP pw:eip

Scores

CVSS v3 5.7

EPSS 0.0012

EPSS Percentile 31.0%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-922

Status published

Published Nov 01, 2024

Tracked Since Feb 18, 2026