CVE-2024-5244
CVE-2024-5244 is a medium-severity vulnerability in Tp-link Omada Er605 Firmware with a CVSS 3.x base score of 4.2. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-656.
Key facts
- Severity: Medium (CVSS 3.x base score 4.2)
- EPSS exploit prediction: 0% (26th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2024-46483
- Weakness: CWE-656
- Affected product: Tp-link Omada Er605 Firmware
- Published:
- Last modified:
Description
TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability. This vulnerability allows network-adjacent attackers to access or spoof DDNS messages on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the cmxddnsd executable. The issue results from reliance on obscurity to secure network data. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-22439.
Frequently asked questions
- What is CVE-2024-5244?
- TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability. This vulnerability allows network-adjacent attackers to access or spoof DDNS messages on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the cmxddnsd executable. The issue results from reliance on obscurity to secure network data. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-22439.
- How severe is CVE-2024-5244?
- CVE-2024-5244 has a CVSS 3.x base score of 4.2, rated medium severity. It is exploitable over an adjacent network with high attack complexity, requires no privileges and no user interaction. Impact on confidentiality is low, integrity low, and availability none.
- Is CVE-2024-5244 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (26th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2024-5244?
- CVE-2024-5244 affects Tp-link Omada Er605 Firmware. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2024-5244?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2024-5244 have an EU (EUVD) identifier?
- Yes. CVE-2024-5244 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2024-46483.
- When was CVE-2024-5244 published?
- CVE-2024-5244 was published on 2024-05-23 and last updated on 2026-06-17.
References
Affected products (1)
- cpe:2.3:o:tp-link:omada_er605_firmware:2.2.2:build_20231017:*:*:*:*:*:*
More vulnerabilities in Tp-link Omada Er605 Firmware
- CVE-2024-25139 — Critical (CVSS 10.0): In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads…
- CVE-2024-1179 — High (CVSS 8.8): TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow Remote Code Execution Vulnerability. This…
- CVE-2024-1180 — High (CVSS 8.0): TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability. This vulnerability allows…
- CVE-2024-5243 — High (CVSS 7.5): TP-Link Omada ER605 Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent…
- CVE-2024-5242 — High (CVSS 7.5): TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows…
- CVE-2024-5228 — High (CVSS 7.5): TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability. This…
All CVEs affecting Tp-link Omada Er605 Firmware →
Other CWE-656 vulnerabilities
- CVE-2026-7161 — Critical (CVSS 9.3): An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device…
- CVE-2026-42363 — Critical (CVSS 9.3): An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device…
- CVE-2024-12297 — Critical (CVSS 9.2): Moxa’s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism.…
- CVE-2020-10284 — Critical (CVSS 9.1): No authentication is required to control the robot inside the network, moreso the latest available user manual shows an…
- CVE-2025-59093 — High (CVSS 8.5): Exos 9300 instances are using a randomly generated database password to connect to the configured MSSQL server. The…
- CVE-2024-9138 — High (CVSS 7.2): Moxa’s cellular routers, secure routers, and network security appliances are affected by a high-severity…