CVE-2024-51428

HIGH

Espressif ESP-IDF 5.3.0 - Denial of Service via Crafted Data Channel Packet

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-51428. PoCs published by D1se0, guozhi123456.

Description

An issue in Espressif ESP-IDF v5.3.0 allows attackers to cause a Denial of Service (DoS) via a crafted data channel packet.

Exploits (2)

nomisec · WORKING POC · 1 star
by D1se0 · poc
https://github.com/D1se0/CVE-2024-51428-PoC

This repository contains a functional Python wrapper for sqlmap that automates the exploitation of CVE-2024-51428, a Blind SQL Injection vulnerability in ZoneMinder. The PoC leverages the `tid` parameter in the `/zm/index.php` endpoint to perform time-based SQL injection attacks.

Classification: Working PoC 95%
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: ZoneMinder
Auth required
Prerequisites: Valid ZoneMinder session cookie (ZMSESSID) · sqlmap installed
devstral-2 · analyzed Mar 10, 2026

gitee · WRITEUP
by guozhi123456 · poc
https://gitee.com/guozhi123456/vulnerability-Report/blob/master/Esp/Accept_Invaild_Address.md

The document describes a vulnerability in ESP-IDF v5.3.0 BLE stack where invalid Access Address packets are accepted, potentially leading to DoS due to device state inconsistencies. It lacks exploit code but provides technical details about the issue.

Classification: Writeup 90%
Attack Type: DoS
Complexity: Moderate
Reliability: Theoretical
Target: ESP-IDF v5.3.0 (ESP32-C3)
No auth needed
Prerequisites: BLE-enabled ESP32-C3 device running ESP-IDF v5.3.0 · ability to send crafted BLE packets
devstral-2 · analyzed Mar 04, 2026

Scores

CVSS v3: 7.5
EPSS: 0.0007
EPSS Percentile: 22.2%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: partial

Details

CWE: CWE-770
Status: published
Products (1): espressif/esp-idf 5.3
Published: Nov 07, 2024
Tracked Since: Feb 18, 2026