CVE-2024-32386
Received Received - Intake

KerOS Directory Traversal via SNMP Update

Vulnerability report for CVE-2024-32386, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-16

Last updated on: 2026-07-16

Assigner: MITRE

Description

Directory traversal vulnerability in Kerlink Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042 allows a remote attacker to obtain sensitive information via the SNMP update mechanism.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-16
Last Modified
2026-07-16
Generated
2026-07-17
AI Q&A
2026-07-17
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
kerlink wirnet_istation 4.3.3_20200803132042

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This is a directory traversal vulnerability in Kerlink Wirnet iStation 868 running KerOS v4.3.3_20200803132042. It allows a remote attacker to access sensitive information through the SNMP update mechanism by exploiting improper path validation.

Detection Guidance

This vulnerability involves a directory traversal in Kerlink Wirnet iStation 868 KerOS v4.3.3_20200803132042 via SNMP updates. To detect it, check if the device is running the vulnerable version and monitor SNMP update traffic for unusual file access patterns. Verify KerOS version via web interface or CLI. Look for unauthorized file reads or writes in system logs.

Impact Analysis

An attacker could exploit this to read sensitive files or data on the device, potentially leading to information disclosure. This may allow unauthorized access to system configurations or other confidential data stored on the iStation.

Compliance Impact

This vulnerability could lead to unauthorized access to sensitive data, violating confidentiality requirements in GDPR and HIPAA. Organizations using affected devices may face compliance violations, data breach notifications, and potential fines.

Mitigation Strategies

Update Kerlink Wirnet iStation 868 KerOS to the latest version to address the directory traversal vulnerability in the SNMP update mechanism. Disable SNMP if not required or restrict access to trusted sources only.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2024-32386. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart