CVE-2024-33699

9.9

Critical

Published:30 Oct 2024

Last updated:17 Jun 2026

Source:talos-cna@cisco.com

Modified

Weakness (CWE)

CWE-620CWE-620

CVSS Vector

v3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

View on MITRE Find PoC on GitHub

Description

The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the current password.

References

talos-cna@cisco.com

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1984

af854a3a-2127-422b-91ae-364da2661108

https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1984