Full Report
A remote attacker can craft a malicious link and send it to a privileged user. This can cause denial of service.
Analysis Summary
# Vulnerability: Kraftway-24F2XG Router Denial of Service
## CVE Details
- **CVE ID:** CVE-2018-15351
- **CVSS Score:** 6.5 (Medium) *Note: While the article text mentions 0.0, the provided vector string CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H calculates to 6.5.*
- **CWE:** Not specified (categorized as Denial of Service)
## Affected Systems
- **Products:** Kraftway-24F2XG Router
- **Versions:** Firmware version 3.5.30.1118
- **Configurations:** The vulnerability is triggered when a privileged user (administrator) interacts with a malicious link while authenticated.
## Vulnerability Description
The Kraftway-24F2XG router contains a flaw where it fails to properly handle specific requests initiated via a malicious link. An attacker can craft a URL that, when clicked by a privileged user, triggers a crash or a hang in the device's management interface or core services, resulting in a Denial of Service (DoS) condition.
## Exploitation
- **Status:** Unknown (No public PoC currently listed in the advisory)
- **Complexity:** Low
- **Attack Vector:** Network (Remote)
- **User Interaction:** Required (Target must click a link)
## Impact
- **Confidentiality:** None
- **Integrity:** None
- **Availability:** High (The device becomes unavailable for legitimate use)
## Remediation
### Patches
- Update to firmware version **3.5.47-315-gef7** or higher.
### Workarounds
- Avoid clicking on untrusted links or visiting suspicious websites while logged into the router's web management interface.
- Log out of the router management session immediately after completing administrative tasks.
## Detection
- **Indicators of Compromise:** Unexpected reboots of the router or loss of administrative access following a user's interaction with an external web link.
- **Detection methods and tools:** Monitor system uptime logs and administrative access logs for unusual patterns or crashes.
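As an added illustration of the monitoring suggested above (not code from the advisory or the vendor), the following correlates administrative-access events with reboot events and flags reboots that occur while an administrator session is open. The log layout, field names and the 30-minute session window are assumptions, and the sample lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log lines; the advisory gives no log format, so this
# assumes a syslog-style stream mixing admin-access and system-boot events.
SAMPLE_LOG = """\
2018-08-17T09:00:02 admin login user=admin src=192.0.2.10
2018-08-17T09:14:40 system boot reason=watchdog uptime=0
2018-08-17T09:16:05 admin login user=admin src=192.0.2.10
2018-08-17T09:40:11 admin logout user=admin
2018-08-17T11:00:00 system boot reason=scheduled uptime=0
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<kind>admin login|admin logout|system boot)(?P<rest>.*)$"
)
# Assumed: a login with no logout is treated as active for this long.
ADMIN_WINDOW = timedelta(minutes=30)


def parse(lines):
    """Yield (timestamp, event kind, remaining fields) for recognised lines."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            yield datetime.fromisoformat(m["ts"]), m["kind"], m["rest"].strip()


def find_suspicious_reboots(log_text, window=ADMIN_WINDOW):
    """Flag reboots that happen while an administrator session is active.

    A reboot during an open admin session matches the advisory's indicator
    (loss of access after the administrator interacted with a link); a reboot
    with no active session is more likely maintenance and is not flagged.
    """
    session_start = None
    findings = []
    for ts, kind, rest in parse(log_text.splitlines()):
        if kind == "admin login":
            session_start = ts
        elif kind == "admin logout":
            session_start = None
        elif kind == "system boot":
            if session_start is not None and ts - session_start <= window:
                findings.append({"time": ts.isoformat(),
                                 "session_start": session_start.isoformat(),
                                 "detail": rest})
            session_start = None  # a reboot ends any open session
    return findings
```

Run against real logs, the same function only needs the regular expression adapted to the device's actual message format.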
## References
- **Vendor Advisory:** hxxps://ics-cert[.]kaspersky[.]com/advisories/2018/08/17/klcert-18-007-kraftway-24f2xg-router-denial-of-service/
- **NVD Entry:** hxxps://nvd[.]nist[.]gov/vuln/detail/CVE-2018-15351