Penetration DA2

The document outlines various vulnerabilities affecting computer systems, including remote code execution, buffer overflows, SQL injection, and cross-site scripting. Each vulnerability is described with its potential attack scenarios and implications for system security. The document emphasizes the commonality of remote code execution vulnerabilities and provides references for further research on these security issues.

School of Computer Science and Engineering (SCOPE)

Fall Semester 2024 - 2025

BCSE319L: Penetration Testing and Vulnerability Assessment

Digital Assignment II

Submitted to: Dr. Prakash G.

Submitted by: Shikhar (21BCI0063)
1. CVE-2024-45695: Unauthenticated Remote Code Execution in D-Link Routers

This vulnerability affects certain D-Link router models, specifically DIR-X4860 firmware versions 1.00 and 1.04. It arises due to a stack-based buffer overflow in the router's web service. An unauthenticated attacker can send specially crafted data, causing the buffer to overflow and allowing arbitrary code to be executed on the router. This gives the attacker control over the device, which could be used for botnets, man-in-the-middle attacks, or to monitor network traffic.

Attack scenario: A remote attacker sends malicious input through the web
service interface, leading to buffer overflow and eventually remote control
over the router.

2. CVE-2024-45200: Buffer Overflow Vulnerability

This vulnerability occurs due to improper bounds checking in a service or application. When an attacker supplies input that exceeds the buffer size, it can lead to a buffer overflow, allowing unauthorized access to system resources.

Attack scenario: By exploiting this vulnerability, an attacker can bypass authentication measures or inject code into the application, causing it to execute commands on behalf of the attacker. This can lead to data breaches, loss of control over applications, or system compromise.
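Added example (not from the assignment and not D-Link's firmware; the handler and its names are hypothetical): the stack-buffer pattern behind items 1 and 2, an unchecked copy of a request parameter into a fixed-size stack buffer, beside a bounded version that rejects over-length input instead of overrunning the buffer.

```c
#include <stdio.h>
#include <string.h>

#define NAME_MAX 64   /* fixed-size stack buffer, as in the pattern above */

/* Vulnerable pattern (hypothetical handler): the request parameter is
 * copied with no length check, so anything longer than NAME_MAX-1 bytes
 * overwrites adjacent stack data such as the saved return address.
 * Passing untrusted input here is undefined behaviour; it is kept only
 * to contrast with the hardened version below. */
int set_hostname_unchecked(const char *param)
{
    char name[NAME_MAX];
    strcpy(name, param);                 /* overflow if param is too long */
    printf("configuring host %s\n", name);
    return 0;
}

/* Hardened pattern: look for the terminator within the buffer size first,
 * reject input that does not fit (rather than silently truncating), and
 * only then copy. Returns 0 on success, -1 on rejected input. */
int set_hostname_checked(const char *param, char *out, size_t outsz)
{
    if (param == NULL || out == NULL || outsz == 0)
        return -1;
    /* memchr examines at most outsz bytes, so an overlong parameter is
     * detected without scanning it to its end */
    const char *end = memchr(param, '\0', outsz);
    if (end == NULL)
        return -1;                       /* no NUL within outsz: too long */
    memcpy(out, param, (size_t)(end - param) + 1);
    return 0;
}

int main(void)
{
    char name[NAME_MAX];
    char oversized[200];                 /* constructed overlong parameter */
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    printf("short input: %d\n", set_hostname_checked("router1", name, sizeof name));
    printf("long input : %d\n", set_hostname_checked(oversized, name, sizeof name));
    return 0;
}
```

The checked version returns -1 for the 199-byte input, which is the point where the unchecked version would have already corrupted the stack.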

3. CVE-2024-36650: SQL Injection in a CMS

SQL injection occurs when an application improperly sanitizes user input before sending it to a database. This vulnerability affects a content management system (CMS) where attackers can insert malicious SQL queries into user input fields.

Attack scenario: By exploiting this, attackers can manipulate the database, retrieving sensitive information like usernames, passwords, or financial data. They could also modify or delete database content, compromising the integrity of the system.

4. CVE-2024-33820: Cross-Site Scripting (XSS)

This vulnerability involves a cross-site scripting (XSS) flaw, where user input
is improperly sanitized before being displayed on a web page. This allows
attackers to inject malicious scripts into web pages viewed by other users.

Attack scenario: When another user views the page, the injected script could
execute in their browser, potentially stealing cookies, hijacking sessions, or
tricking users into submitting sensitive information to an attacker-controlled
site. XSS is often used to escalate attacks from simple web defacement to more
serious data theft.
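Added example, not from the assignment or any particular CMS (the rendering functions are hypothetical): the fix for the flaw in item 4, encoding a stored comment before it is placed in the page so that a viewer's browser treats it as text, shown beside the unencoded rendering that lets the comment become markup.

```c
#include <stdio.h>
#include <string.h>
/* Encode untrusted text for an HTML element or quoted-attribute context.
 * Returns bytes written (excluding the NUL) or -1 if out is too small. */
long html_escape(const char *in, char *out, size_t outsz)
{
    size_t pos = 0;
    for (; *in != '\0'; in++) {
        const char *rep = NULL;
        switch (*in) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        }
        size_t need = rep ? strlen(rep) : 1;
        if (pos + need >= outsz)         /* keep room for the terminator */
            return -1;
        if (rep) memcpy(out + pos, rep, need); else out[pos] = *in;
        pos += need;
    }
    out[pos] = '\0';
    return (long)pos;
}

/* Vulnerable rendering (hypothetical CMS code): the stored comment goes
 * straight into the markup, so '<' in it becomes a tag for every viewer. */
int render_comment_raw(const char *comment, char *page, size_t pagesz)
{
    return snprintf(page, pagesz, "<p class=\"comment\">%s</p>", comment);
}

/* Hardened rendering: encode first, then place the result in the page.
 * Returns the page length, or -1 if the comment or page buffer is too small. */
int render_comment_safe(const char *comment, char *page, size_t pagesz)
{
    char enc[512];
    if (html_escape(comment, enc, sizeof enc) < 0)
        return -1;
    int n = snprintf(page, pagesz, "<p class=\"comment\">%s</p>", enc);
    return (n < 0 || (size_t)n >= pagesz) ? -1 : n;
}
int main(void)
{
    char page[256];                      /* constructed sample comment below */
    if (render_comment_safe("Tom & Jerry <b>\"rule\"</b>", page, sizeof page) > 0)
        puts(page);
    return 0;
}
```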

5. CVE-2024-20336: Remote Code Execution (RCE) via Input Validation Flaw

This vulnerability involves improper input validation, allowing attackers to send malformed data to a vulnerable service, resulting in the execution of arbitrary code. Like many RCE vulnerabilities, this can lead to a full system compromise.

Attack scenario: A remote attacker crafts a payload containing specific data that exploits the flaw in the system's handling of inputs. This could allow the attacker to run commands, manipulate files, or take full control of the affected machine.

6. CVE-2023-50809: Privilege Escalation Vulnerability

Privilege escalation occurs when a vulnerability allows a user with lower privileges to gain higher-level access within the system. CVE-2023-50809 affects certain enterprise network appliances.

Attack scenario: Exploiting this vulnerability, an attacker could elevate their privileges from a restricted user account to an administrator account. This would grant them full control over system settings, user accounts, and data. This type of vulnerability is particularly dangerous in environments where access should be highly controlled, like in corporate networks.

7. CVE-2023-49913: Denial of Service (DoS) Vulnerability

This vulnerability leads to a Denial of Service (DoS) attack, where an attacker sends an overwhelming number of requests or specially crafted data to a vulnerable service, causing it to crash or become unresponsive.

Attack scenario: The attacker floods the service with traffic, preventing
legitimate users from accessing it. This can disrupt business operations or take
critical systems offline. While DoS attacks don’t typically compromise
sensitive data, they can cause major service outages.

8. CVE-2023-49911: Race Condition Vulnerability

A race condition occurs when multiple processes access and modify shared
resources concurrently without proper synchronization, leading to
unpredictable behaviour. In the case of CVE-2023-49911, a race condition in
resource handling allows unauthorized users to execute commands they
normally shouldn’t have access to.

Attack scenario: Exploiting this flaw allows an attacker to manipulate the timing of specific system processes, which could lead to unauthorized actions being executed on the system. This could include modifying sensitive data, executing code, or causing system instability.

The common attack that could be exploited from the listed CVEs is Remote Code
Execution (RCE). Many of these vulnerabilities allow an attacker to execute
arbitrary code on a vulnerable system, leading to a range of potential impacts,
including full system compromise, unauthorized access to data, or the ability to
control devices within a network. For instance, both CVE-2024-45695 and CVE-
2024-20336 specifically involve RCE vulnerabilities, while others, like CVE-
2023-49911, can also result in unauthorized execution of commands under certain
conditions.

The exploitation of RCE vulnerabilities typically involves sending malicious input to the affected system, such as:

1. Buffer overflows (as seen in CVE-2024-45695 and CVE-2024-45200), where attackers send excessive data that overruns the allocated memory buffer, allowing them to control program execution.

2. SQL injection (CVE-2024-36650), where crafted SQL queries manipulate the database or retrieve unauthorized information.

3. Cross-site scripting (XSS) (CVE-2024-33820), where attackers inject malicious scripts that execute in the context of another user's session, potentially compromising their data or hijacking their session.

Research Articles (Harvard Referencing Style):

1. Gupta, S. and Gupta, B.B., 2017. Cross-Site Scripting (XSS) attacks and
defense mechanisms: classification and state-of-the-art. International
Journal of System Assurance Engineering and Management, 8, pp.512-530.
2. Cowan, C., Wagle, F., Pu, C., Beattie, S. and Walpole, J., 2000, January.
Buffer overflows: Attacks and defenses for the vulnerability of the decade.
In Proceedings DARPA Information Survivability Conference and
Exposition. DISCEX'00 (Vol. 2, pp. 119-129). IEEE.
3. Halfond, W.G., Viegas, J. and Orso, A., 2006, March. A Classification of
SQL Injection Attacks and Countermeasures. In ISSSE.
4. Mahjabin, T., Xiao, Y., Sun, G. and Jiang, W., 2017. A survey of distributed
denial-of-service attack, prevention, and mitigation
techniques. International Journal of Distributed Sensor Networks, 13(12),
p.1550147717741463.
5. Mehmood, M., Amin, R., Muslam, M.M.A., Xie, J. and Aldabbas, H., 2023.
Privilege escalation attack detection and mitigation in cloud using machine
learning. IEEE Access, 11, pp.46561-46576.
6. Cox, B., Evans, D., Filipi, A., Rowanhill, J., Hu, W., Davidson, J., Knight,
J., Nguyen-Tuong, A. and Hiser, J., 2006, August. N-Variant Systems: A
Secretless Framework for Security through Diversity. In USENIX Security
Symposium (Vol. 114, p. 114).
7. Glenn, C., Sterbentz, D. and Wright, A., 2016. Cyber threat and
vulnerability analysis of the US electric sector (No. INL/EXT-16-40692).
Idaho National Laboratory (INL), Idaho Falls, ID (United States).
8. Reddy, H.B.S., 2022. A Proposal: For Emerging Gaps in Finding Firm
Solutions for Cross Site Scripting Attacks on Web Applications. Journal
homepage: www.ijrpr.com, ISSN 2582-7421.
9. Kiriansky, V. and Waldspurger, C., 2018. Speculative buffer overflows:
Attacks and defenses. arXiv preprint arXiv:1807.03757.
10. Ahsan, M., Nygard, K.E., Gomes, R., Chowdhury, M.M., Rifat, N. and
Connolly, J.F., 2022. Cybersecurity threats and their mitigation approaches
using Machine Learning—A Review. Journal of Cybersecurity and
Privacy, 2(3), pp.527-555.
