Century Systems Routers Vulnerable to Remote Exploitation – CVE-2024-50357 (CVSS 9.8)

by do son · Published November 4, 2024 · Updated November 4, 2024

Century Systems Co., Ltd. has issued a critical security advisory regarding its FutureNet NXR series routers. A vulnerability, tracked as CVE-2024-50357 and assigned a CVSS score of 9.8 (indicating a critical severity), allows attackers to remotely exploit exposed REST-APIs.

The vulnerability stems from an error that unintentionally enables REST-APIs when the router is powered up, even if they are disabled in the factory default configuration. This occurs if either the HTTP server (GUI) or web authentication is enabled. Worryingly, the factory default configuration has the HTTP server enabled, making these routers vulnerable out-of-the-box.

An attacker could exploit CVE-2024-50357 to gain unauthorized access to the router and potentially:

Change router settings: Modify DNS settings to redirect traffic, manipulate firewall rules, or alter other critical configurations.
Steal sensitive information: Access user credentials, network data, or other private information passing through the router.
Launch further attacks: Use the compromised router as a launchpad for attacks on other devices within the network.

Affected Devices:

The following FutureNet NXR series router models and firmware versions are affected:

NXR-G110 series: Firmware versions 21.15.7 and later but prior to 21.15.9
NXR-G060 series: All firmware versions prior to 21.15.6C1
NXR-G050 series: Firmware versions 21.12.5 and later but prior to 21.12.11

What to Do:

Century Systems urges users to take immediate action to mitigate the risk:

Update Firmware: Update your router’s firmware to the latest available version. This is the most effective solution to address the vulnerability.
Apply Workaround: If immediate firmware update is not possible, Century Systems has provided a workaround, which can be found on their official website.