This vulnerability affects the Neterbit NW-431F Router firmware version vNW-431F-20241014-IR03. It allows an unauthenticated remote attacker to send specially crafted commands to the at_command.asp interface, resulting in unauthorized disclosure of sensitive information and the ability to execute arbitrary code on the device. The CVSS 3.1 base score is 8.2, indicating high severity with network attack vector, low attack complexity, no privileges required, no user interaction, high confidentiality impact, and no impact on integrity or availability.

Successful exploitation can lead to disclosure of sensitive information and remote code execution on the affected router, potentially compromising the device and the network it serves. This could allow attackers to control the device or use it as a foothold for further attacks. However, there are no known exploits in the wild at this time.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or mitigation is currently documented, users should monitor vendor communications for updates. Until a patch is available, restricting network access to the at_command.asp interface and applying network-level protections may reduce exposure.