CVE-2024-58337

Description

Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings and configurations. Attackers can exploit this vulnerability to escalate privileges and gain unauthorized access to administrative functionalities.

PUBLISHED Reserved 2025-12-26 | Published 2025-12-30 | Updated 2025-12-30 | Assigner VulnCheck

Problem types

Missing Authorization

Product status

Credits

LiquidWorm as Gjoko Krstic of Zero Science Lab finder

References

www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5862.php (Zero Science Lab Disclosure (ZSL-2024-5862)) third-party-advisory

packetstormsecurity.com/files/182870/ (Packet Storm Security Exploit Entry) exploit

cxsecurity.com/issue/WLB-2024110042 (CXSecurity Vulnerability Listing) third-party-advisory

www.vulncheck.com/...oper-access-control-via-serviceshttpapi (VulnCheck Advisory: Akuvox Smart Intercom S539 Improper Access Control via ServicesHTTPAPI) third-party-advisory

cve.org (CVE-2024-58337)

nvd.nist.gov (CVE-2024-58337)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.