CVE-2024-30219

Published: Apr 15, 2024Modified: Jun 30, 2025

6.8

Vector

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.9 / Impact: 5.9

Source: vultures@jpcert.or.jp (Secondary)

Description

Active debug code vulnerability exists in PLANEX COMMUNICATIONS wireless LAN routers. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation may be performed. Note that MZK-MF300N is no longer supported, therefore the update for this product is not provided.

Affected (2)

Products: Planex: Mzk Mf300n Firmware, Mzk Mf300hp2 Firmware

2 products

Mzk Mf300n Firmware

Mzk Mf300hp2 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Planex Mzk Mf300n Firmware	All versions

Running on/with	Platform Versions
Planex Mzk Mf300n	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Planex Mzk Mf300hp2 Firmware	Up to 1.18

Running on/with	Platform Versions
Planex Mzk Mf300hp2	All versions

Related CWEs

Active Debug Code

The product is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.

References (2)

https://jvn.jp/en/vu/JVNVU91975826/

Source: vultures@jpcert.or.jp

Third Party Advisory

https://jvn.jp/en/vu/JVNVU91975826/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.