Summary: Century Systems Co., Ltd. has issued a critical security advisory for its FutureNet NXR series routers due to a severe vulnerability (CVE-2024-50357) that allows remote exploitation of exposed REST-APIs. This vulnerability poses significant risks, including unauthorized access and potential network attacks, particularly since affected routers come with vulnerable settings enabled by default.
Threat Actor: Unknown | unknown
Victim: Century Systems Co., Ltd. | Century Systems Co., Ltd.
Key Point :
- Vulnerability CVE-2024-50357 has a CVSS score of 9.8, indicating critical severity.
- REST-APIs are unintentionally enabled by default, exposing routers to attacks.
- Attackers can change router settings, steal sensitive information, and launch further attacks.
- Affected models include NXR-G110, NXR-G060, and NXR-G050 series routers with specific firmware versions.
- Users are urged to update firmware immediately or apply a provided workaround if an update is not feasible.
Century Systems Co., Ltd. has issued a critical security advisory regarding its FutureNet NXR series routers. A vulnerability, tracked as CVE-2024-50357 and assigned a CVSS score of 9.8 (indicating a critical severity), allows attackers to remotely exploit exposed REST-APIs.
The vulnerability stems from an error that unintentionally enables REST-APIs when the router is powered up, even if they are disabled in the factory default configuration. This occurs if either the HTTP server (GUI) or web authentication is enabled. Worryingly, the factory default configuration has the HTTP server enabled, making these routers vulnerable out-of-the-box.
An attacker could exploit CVE-2024-50357 to gain unauthorized access to the router and potentially:
- Change router settings: Modify DNS settings to redirect traffic, manipulate firewall rules, or alter other critical configurations.
- Steal sensitive information: Access user credentials, network data, or other private information passing through the router.
- Launch further attacks: Use the compromised router as a launchpad for attacks on other devices within the network.
Affected Devices:
The following FutureNet NXR series router models and firmware versions are affected:
- NXR-G110 series: Firmware versions 21.15.7 and later but prior to 21.15.9
- NXR-G060 series: All firmware versions prior to 21.15.6C1
- NXR-G050 series: Firmware versions 21.12.5 and later but prior to 21.12.11
What to Do:
Century Systems urges users to take immediate action to mitigate the risk:
- Update Firmware: Update your routerβs firmware to the latest available version. This is the most effective solution to address the vulnerability.
- Apply Workaround: If immediate firmware update is not possible, Century Systems has provided a workaround, which can be found on their official website.