How severe is CVE-2024-39229?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2024-39229?

This is classified as CWE-924, which is a common weakness in software security.

CVE-2024-39229 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4, and B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 allows attackers to intercept communications via a man-in-the-middle attack when DDNS clients are reporting data to the server.

Related Vulnerabilities

CVE-2018-14526

MEDIUM

CVSS:6.5(Medium)

An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker w...

CWE-9242018

CVE-2019-20844

MEDIUM

CVSS:6.5(Medium)

An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-message channel by changing the type of a channel.

CWE-9242019

CVE-2015-0897

MEDIUM

CVSS:5.9(Medium)

LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a re...

CWE-9242015

CVE-2015-2968

MEDIUM

CVSS:5.9(Medium)

LINE@ for Android version 1.0.0 and LINE@ for iOS version 1.0.0 are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be i...

CWE-9242015

CVE-2021-21390

MEDIUM

CVSS:5.9(Medium)

MinIO is an open-source high performance object storage service and it is API compatible with Amazon S3 cloud storage service. In MinIO before version RELEASE.2021-03-17T02-33-02Z, there is a vulnerab...

CWE-9242021

CVE-2023-22372

MEDIUM

CVSS:5.9(Medium)

In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical...

CWE-9242023