CVE-2024-32387
Received Received - Intake

Kerlink Wirnet iStation Information Disclosure via Community String

Vulnerability report for CVE-2024-32387, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-16

Last updated on: 2026-07-16

Assigner: MITRE

Description

An issue in Kerlink Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042 allows a remote attacker to obtain sensitive information via the community string component.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-16
Last Modified
2026-07-16
Generated
2026-07-17
AI Q&A
2026-07-17
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
kerlink wirnet_istation 4.3.3_20200803132042

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is in Kerlink Wirnet iStation 868 KerOS v4.3.3_20200803132042. It allows a remote attacker to access sensitive information by exploiting the community string component, which is typically used for SNMP (Simple Network Management Protocol) authentication.

Detection Guidance

This vulnerability involves exposure of sensitive information via SNMP community strings in Kerlink Wirnet iStation devices. To detect it, scan for open SNMP ports (UDP 161) on network devices and check if community strings are set to default or weak values. Use commands like 'snmpwalk -v 2c -c public <device_IP>' to test for default community strings. Inspect device configurations for exposed community strings in SNMP settings.

Impact Analysis

An attacker could exploit this to obtain sensitive information from the device, potentially leading to unauthorized access or data breaches. This may compromise network integrity or expose confidential data.

Compliance Impact

This vulnerability could lead to unauthorized data exposure, violating GDPR (data protection) or HIPAA (health data privacy) requirements. Compliance may be compromised if sensitive data is accessed or leaked.

Mitigation Strategies

Immediately change the SNMP community string to a strong, unique value to prevent unauthorized access. Disable SNMP if not required or restrict access via firewall rules to trusted IPs only.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2024-32387. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart