CVE-2024-32386

Cybersicherheitsschild. Konzept für Cyberbedrohungen

Path Traversal and Improper Update Package Validation in SNMP Update Mechanism Allows Arbitrary File Overwrite in KerOS 4.3.3 and Below

Path Traversal and Improper Update Package Validation in SNMP Update Mechanism Allows Arbitrary File Overwrite in KerOS 4.3.3 and Below

Path Traversal and Improper Update Package Validation in SNMP Update Mechanism Allows Arbitrary File Overwrite in KerOS 4.3.3 and Below

CVE ID
CVE-2024-32386
CVE Link
https://nvd.nist.gov/vuln/detail/CVE-2024-32386
Vendor
Kerlink
Affected Product & Version
KerOS ≤ 4.3.3
Vulnerability Type

CWE-22 Path Traversal
CWE-434 Unrestricted Upload of File with Dangerous Type

CVSS Base Score / CVSS Vector

NVD: Awaiting analysis

BDO: 7.3 High  / CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Author
Martin Weißbach
Date
2026-05-27

CVE Details

Description:

The SNMP implementation in KerOS 4.3.3 and below allows an attacker to supply a URL pointing to a firmware update package. Due to a path traversal vulnerability combined with insufficient validation of update packages, arbitrary files on the device file system may be overwritten. Successful exploitation can result in full compromise of the device, including unauthorized privileged access.

Remediation:

KerOS4 and KerOS5 should no longer be used, as they are considered end of life. Instead, the most recent version of KerOS 6 should be used.

References:


Timeline

2024-03-19: Vulnerability reported to Kerlink

2024-03-23: Kerlink informed us that the issues were under analysis

2024-03-29: Vendor confirmed the vulnerabilities and provided an update on the current status of the analysis, including potential fixes

2024-04-08: We provided feedback on the fixes

2024-04-28: Vendor provided an update on the status of the fixes

2024-06-11: We reported additional vulnerabilities; ongoing communication regarding these issues

2025-08-05: We informed Kerlink of our intention to release the CVEs

2025-09-06: Vendor informed us that KerOS4 is EOL, KerOS will only be maintained for critical vulnerabilities tills end of 2025 and that this vulnerability does not affect KerOS6

2026-04-01: Coordinated public disclosure of this CVE was agreed upon with the vendor

2026-05-27: CVE published