CVE-2024-51114 is a critical vulnerability identified in Beijing Digital China Yunke Information Technology Co.Ltd's software version 7.2.6.120. The vulnerability resides in the customizable.php script within the code/function/dpi/web_auth/ directory. It allows remote attackers to execute arbitrary code on the affected system by exploiting improper input validation leading to command injection (CWE-77). The attack vector is network-based (AV:N), requiring low attack complexity (AC:L) and low privileges (PR:L), but no user interaction (UI:N) is needed. The vulnerability impacts confidentiality, integrity, and availability (C:H/I:H/A:H), making it highly dangerous. Although no public exploits have been reported yet, the nature of the vulnerability suggests that exploitation could lead to full system compromise. The lack of available patches increases the urgency for organizations to implement interim protective measures. The vulnerability is particularly concerning for environments where this software is used for web authentication and DPI (Deep Packet Inspection) functions, as compromise could undermine network security controls.

The vulnerability allows remote attackers to execute arbitrary code, potentially leading to full system compromise. This can result in unauthorized access to sensitive data, disruption of services, and manipulation or destruction of critical information. Given the software's role in web authentication and DPI, exploitation could also enable attackers to bypass security controls, intercept or alter network traffic, and escalate privileges within the network. Organizations relying on this product for network security or authentication may face significant operational and reputational damage. The high CVSS score reflects the broad impact on confidentiality, integrity, and availability. Without patches, the risk of exploitation remains elevated, especially in environments with exposed network access to the vulnerable component.

1. Immediately restrict network access to the vulnerable customizable.php endpoint by implementing firewall rules or network segmentation to limit exposure. 2. Monitor logs and network traffic for unusual activity targeting the code/function/dpi/web_auth/customizable.php path or signs of command injection attempts. 3. Employ Web Application Firewalls (WAFs) with custom rules to detect and block injection payloads targeting this vulnerability. 4. Enforce the principle of least privilege for accounts interacting with the vulnerable system to reduce the impact of potential exploitation. 5. Engage with the vendor for timely patches or updates and apply them as soon as they become available. 6. Conduct thorough security assessments and penetration testing focusing on this vulnerability to identify and remediate potential exploitation paths. 7. Educate system administrators and security teams about the vulnerability specifics to enhance detection and response capabilities.