What is CVE-2024-4232?

CVE-2024-4232 is a vulnerability in Digisol Router Dg-gr1321, classified under Plaintext Storage of a Password. Published 2024-05-10.

Is CVE-2024-4232 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Digisol Router Dg-gr1321

CVE-2024-4232

This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to lack of encryption or hashing in storing of passwords within the router's firmware/ database. An attacker with physical acce…

EPSS: 0.025 (85.7th percentile) — read the EPSS interpretation.

Affected products

Digisol Router Dg-gr1321 — versions v3.2.02

Weakness classification (CWE)

CWE-256 — Plaintext Storage of a Password

Public proof-of-concept exploits

Redfox-Security/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232
Redfox-Security/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232
Redfox-Secuirty/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232
Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232
nomi-sec/PoC-in-GitHub

References

www.cert-in.org.in/s2cMainServlet (third-party-advisory)

Frequently asked questions

What is CVE-2024-4232?: CVE-2024-4232 is a vulnerability in Digisol Router Dg-gr1321, classified under Plaintext Storage of a Password. Published 2024-05-10.
Is CVE-2024-4232 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.