CVE-2024-5244

MEDIUM
Published May 23, 2024 Modified Aug 6, 2025 CWE-656

Description

TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability. This vulnerability allows network-adjacent attackers to access or spoof DDNS messages on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the cmxddnsd executable. The issue results from reliance on obscurity to secure network data. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-22439.

CVSS v3.1 Score

4.2
MEDIUM
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Weakness Type (CWE)

CWE-656 CWE-656

Affected Products

Vendor Product
tp-link omada_er605_firmware
tp-link omada_er605

References

Frequently Asked Questions

What is CVE-2024-5244? +
TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability. This vulnerability allows network-adjacent attackers to access or spoof DDNS messages on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the cmxddnsd executable. The issue results from reliance on obscurity to secure network data. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-22439. It has a CVSS v3.1 base score of 4.2 (MEDIUM).
How severe is CVE-2024-5244? +
CVE-2024-5244 has a CVSS v3.1 score of 4.2 out of 10, rated MEDIUM. This is a medium-severity vulnerability that should be remediated as part of regular maintenance.
What products are affected by CVE-2024-5244? +
CVE-2024-5244 affects products from tp-link, specifically: omada_er605, omada_er605_firmware. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-5244? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2024-5244 — free, no signup required.

Start Free Scan