Description

A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the unclaimed domain and point its wildcard DNS entry to an attacker-controlled IP address, making it possible to access sensitive information.

INFO

Published Date :

2025-03-05T00:00:00.000Z

Last Modified :

2025-03-06T21:55:15.495Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-57174 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-57174.

URL Resource
https://chenzw.medium.com/internal-domain-names-f1cd2886c654 cve-icon cve-icon
https://github.com/geo-chen/BSides-SG-2022---Internal-Domain-Names?tab=readme-ov-file#finding-1---cve-2024-57174-alphion-routers cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact