CVE-2024-44610 PEAK PCAN-Ethernet Gateway Root Exploit

The PEAK PCAN-Ethernet Gateway (FD) DR is vulnerable to an authenticated root exploit. This exploit allows an attacker to gain root access to the device.

To use the exploit it is required to know the credentials for the web interface.

The vendor has provided updated firmware images that resolve the issue:

• PCAN-Ethernet Gateway FD Firmware Version 1.3.0
• PCAN-Ethernet Gateway Firmware Version 2.11.0

A proof of concept exploit is available here.