
Critical security vulnerabilities have been identified in Planet Technology’s WGS-804HPT industrial switches, commonly used in building and home automation systems. Claroty’s cybersecurity research team has uncovered three significant flaws that could enable remote code execution on affected devices.
The vulnerabilities, discovered in the dispatcher.cgi web service interface, include:
1. CVE-2024-52558 (CVSS 5.3)
– Integer underflow vulnerability
– Allows system crashes through malformed HTTP requests
– No authentication required
2. CVE-2024-52320 (CVSS 9.8)
– OS command injection vulnerability
– Enables remote code execution
– Exploitable without authentication
3. CVE-2024-48871 (CVSS 9.8)
– Stack-based buffer overflow vulnerability
– Permits remote code execution
– No authentication needed
These vulnerabilities can be exploited by attackers to execute malicious code and gain control of affected devices, potentially leading to further network compromise. Planet Technology has addressed these issues by releasing a security patch (version 1.305b241111) on November 15, 2024.
Users are strongly advised to update their devices to the latest firmware version to protect against these security risks.
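To find devices that still need the update, the following added example (not code from Planet Technology or Claroty) triages a switch inventory against the patched version named above. The CSV columns `host`, `model` and `firmware`, the sample rows, and the reading of the version string as `<major>.<minor>b<build>` with an increasing build number are assumptions.

```python
import csv
import io
import re

# Patched firmware version as stated in the advisory above.
PATCHED = "1.305b241111"
MODEL = "WGS-804HPT"

# Assumed layout: <major>.<minor>b<build>, with the build number increasing over time.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)b(\d+)$", re.IGNORECASE)


def parse_version(text):
    """Return (major, minor, build), or None if the string does not fit the assumed layout."""
    m = _VERSION_RE.match(text.strip())
    return tuple(int(g) for g in m.groups()) if m else None


def triage(inventory_csv):
    """Classify each WGS-804HPT row as 'patched', 'vulnerable' or 'unknown'."""
    fixed = parse_version(PATCHED)
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["model"].strip().upper() != MODEL:
            continue  # other models are outside the scope of this advisory
        ver = parse_version(row["firmware"])
        if ver is None:
            status = "unknown"  # unparseable string: check the device by hand
        elif ver >= fixed:
            status = "patched"
        else:
            status = "vulnerable"
        results[row["host"]] = status
    return results


# Constructed sample inventory (hosts and the non-advisory version strings are made up).
SAMPLE = """host,model,firmware
sw-lobby,WGS-804HPT,1.305b231218
sw-plant,WGS-804HPT,1.305b241111
sw-roof,wgs-804hpt,v1.305b241115
sw-lab,WGS-804HPT,unknown
sw-core,OTHER-SWITCH,2.0b200101
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Rows reported as `unknown` should be checked on the device itself rather than treated as patched.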