CVE-2024-6198 Information

Description

The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd which implements the “SNORE” interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker with access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the modem.

Reference

https://www.onekey.com/resource/security-advisory-rce-on-viasat-modems-cve-2024-6198