CVE-2024-57778

HIGH

Orbe ONetView Roteador Onet-1200 - Privilege Escalation

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-57778. PoCs published by KUK3N4N.

AI-analyzed exploit summary: The repository describes a privilege escalation vulnerability in Orbe ONetView Roteador Onet-1200, where manipulating HTTP status codes (500 to 200) grants unauthorized access to the router's configuration page. The PoC involves intercepting and modifying responses using Burp Suite.

Description

An issue in Orbe ONetView Roteador Onet-1200 Orbe 1680210096 allows a remote attacker to escalate privileges via the server's response from status code 500 to status code 200.

Exploits (1)

nomisec WRITEUP
by KUK3N4N · poc
https://github.com/KUK3N4N/CVE-2024-57778

Classification: Writeup 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Orbe ONetView Roteador Onet-1200 (versions up to Orbe 1680210096)
No auth needed
Prerequisites: Access to the router's web interface · Ability to intercept/modify HTTP responses (e.g., Burp Suite)
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 8.8
EPSS 0.0052
EPSS Percentile 39.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-269
Status published
Published Feb 14, 2025
Tracked Since Feb 18, 2026