CVE Database · CVE-2024-45880
CVSS v3.1
8.0
EPSS
0.92%
Published
Oct 8, 2024
Modified
Apr 14, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
A command injection vulnerability exists in Motorola CX2L router v1.0.2 and below. The vulnerability is present in the SetStationSettings function. The system directly invokes the system function to execute commands for setting parameters such as MAC address without proper input filtering. This allows malicious users to inject and execute arbitrary commands.
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HWeaknesses (CWE)