CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-23930: Pioneer DMH-WT7600NEX Media Service Improper Handling of Exceptional Conditions

Description

This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the Media service, which listens on TCP port 42000 by default. The issue results from improper handling of error conditions. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Classification

CVE ID: CVE-2024-23930

Affected Products

Vendor: Pioneer

Product: DMH-WT7600NEX

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.07% (probability of being exploited)

EPSS Percentile: 31.61% (scored less or equal to compared to others)

EPSS Date: 2025-03-01 (when was this score calculated)

References

https://www.zerodayinitiative.com/advisories/ZDI-24-1043/

Timeline

2025-02-01 00:30:27 UTC
CVE

Pioneer DMH-WT7600NEX Media Service Improper Handling of Exceptional Conditions