Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for RM4100 by ViaSat
CVE-2024-6198 (GCVE-0-2024-6198)
Vulnerability from nvd – Published: 2025-04-25 13:02 – Updated: 2026-02-26 18:28
VLAI
Title
SNORE Interface Unauthenticated Remote Code Execution
Summary
The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker
with access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the modem.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.onekey.com/resource/security-advisory… | third-party-advisorytechnical-description |
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| ViaSat | RM4100 |
Affected:
0 , < 3.8.0.4
(semver)
|
|
| Viasat | RM4200 |
Affected:
0 , < 3.8.0.4
(semver)
|
|
| Viasat | EM4100 |
Affected:
0 , < 3.8.0.4
(semver)
|
|
| Viasat | RM5110 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
|
| Viasat | RM5111 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
|
| Viasat | RG1000 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
|
| Viasat | RG1100 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
|
| Viasat | EG1000 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
|
| Viasat | EG1020 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T03:56:04.542725Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:04.552Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RM4100",
"vendor": "ViaSat",
"versions": [
{
"lessThan": "3.8.0.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RM4200",
"vendor": "Viasat",
"versions": [
{
"lessThan": "3.8.0.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EM4100",
"vendor": "Viasat",
"versions": [
{
"lessThan": "3.8.0.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RM5110",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RM5111",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RG1000",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RG1100",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG1000",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG1020",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Quentin Kaiser from ONEKEY Research Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the\u0026nbsp;\u201cSNORE\u201d interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker\u003cbr\u003ewith access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the\u0026nbsp;modem."
}
],
"value": "The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the\u00a0\u201cSNORE\u201d interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker\nwith access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the\u00a0modem."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:Y/R:U/V:C/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T13:02:43.673Z",
"orgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"shortName": "ONEKEY"
},
"references": [
{
"tags": [
"third-party-advisory",
"technical-description"
],
"url": "https://www.onekey.com/resource/security-advisory-rce-on-viasat-modems-cve-2024-6198"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Make sure your devices are online so they can receive the automated update from Viasat. Make sure your device received the update by getting the running version using the administrative interface."
}
],
"value": "Make sure your devices are online so they can receive the automated update from Viasat. Make sure your device received the update by getting the running version using the administrative interface."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-05-13T09:13:00.000Z",
"value": "Initial coordinated vulnerability disclosure request"
},
{
"lang": "en",
"time": "2024-05-28T07:15:00.000Z",
"value": "Report sent to ViaSat"
},
{
"lang": "en",
"time": "2024-06-19T14:00:00.000Z",
"value": "Call between ViaSat and ONEKEY for vulnerability assessment"
},
{
"lang": "en",
"time": "2025-04-25T13:00:00.000Z",
"value": "Coordinated disclosure by ONEKEY and Viasat"
}
],
"title": "SNORE Interface Unauthenticated Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"assignerShortName": "ONEKEY",
"cveId": "CVE-2024-6198",
"datePublished": "2025-04-25T13:02:43.673Z",
"dateReserved": "2024-06-20T09:18:03.225Z",
"dateUpdated": "2026-02-26T18:28:04.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-6198 (GCVE-0-2024-6198)
Vulnerability from cvelistv5 – Published: 2025-04-25 13:02 – Updated: 2026-02-26 18:28
VLAI
Title
SNORE Interface Unauthenticated Remote Code Execution
Summary
The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker
with access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the modem.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.onekey.com/resource/security-advisory… | third-party-advisorytechnical-description |
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| ViaSat | RM4100 |
Affected:
0 , < 3.8.0.4
(semver)
|
|
| Viasat | RM4200 |
Affected:
0 , < 3.8.0.4
(semver)
|
|
| Viasat | EM4100 |
Affected:
0 , < 3.8.0.4
(semver)
|
|
| Viasat | RM5110 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
|
| Viasat | RM5111 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
|
| Viasat | RG1000 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
|
| Viasat | RG1100 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
|
| Viasat | EG1000 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
|
| Viasat | EG1020 |
Affected:
0 , ≤ 4.3.0.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T03:56:04.542725Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:04.552Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RM4100",
"vendor": "ViaSat",
"versions": [
{
"lessThan": "3.8.0.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RM4200",
"vendor": "Viasat",
"versions": [
{
"lessThan": "3.8.0.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EM4100",
"vendor": "Viasat",
"versions": [
{
"lessThan": "3.8.0.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RM5110",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RM5111",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RG1000",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RG1100",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG1000",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EG1020",
"vendor": "Viasat",
"versions": [
{
"lessThanOrEqual": "4.3.0.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Quentin Kaiser from ONEKEY Research Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the\u0026nbsp;\u201cSNORE\u201d interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker\u003cbr\u003ewith access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the\u0026nbsp;modem."
}
],
"value": "The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the\u00a0\u201cSNORE\u201d interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker\nwith access to the LAN network interface could use a specially crafted HTTP request to exploit a buffer overflow on the\u00a0modem."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:Y/R:U/V:C/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T13:02:43.673Z",
"orgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"shortName": "ONEKEY"
},
"references": [
{
"tags": [
"third-party-advisory",
"technical-description"
],
"url": "https://www.onekey.com/resource/security-advisory-rce-on-viasat-modems-cve-2024-6198"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Make sure your devices are online so they can receive the automated update from Viasat. Make sure your device received the update by getting the running version using the administrative interface."
}
],
"value": "Make sure your devices are online so they can receive the automated update from Viasat. Make sure your device received the update by getting the running version using the administrative interface."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-05-13T09:13:00.000Z",
"value": "Initial coordinated vulnerability disclosure request"
},
{
"lang": "en",
"time": "2024-05-28T07:15:00.000Z",
"value": "Report sent to ViaSat"
},
{
"lang": "en",
"time": "2024-06-19T14:00:00.000Z",
"value": "Call between ViaSat and ONEKEY for vulnerability assessment"
},
{
"lang": "en",
"time": "2025-04-25T13:00:00.000Z",
"value": "Coordinated disclosure by ONEKEY and Viasat"
}
],
"title": "SNORE Interface Unauthenticated Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"assignerShortName": "ONEKEY",
"cveId": "CVE-2024-6198",
"datePublished": "2025-04-25T13:02:43.673Z",
"dateReserved": "2024-06-20T09:18:03.225Z",
"dateUpdated": "2026-02-26T18:28:04.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}