{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T04:05:12.012","vulnerabilities":[{"cve":{"id":"CVE-2024-57174","sourceIdentifier":"cve@mitre.org","published":"2025-03-05T21:15:19.410","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the unclaimed domain and point its wildcard DNS entry to an attacker-controlled IP address, making it possible to access sensitive information."},{"lang":"es","value":"Una configuración incorrecta en el firmware v0.4.H.00.02.15 de Alphion ASEE-1443 define un nombre de dominio no registrado previamente como el sufijo DNS predeterminado. Esto permite a los atacantes registrar el dominio no reclamado y apuntar su entrada DNS comodín a una dirección IP controlada por el atacante, lo que hace posible el acceso a información confidencial."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}]},"references":[{"url":"https://chenzw.medium.com/internal-domain-names-f1cd2886c654","source":"cve@mitre.org"},{"url":"https://github.com/geo-chen/BSides-SG-2022---Internal-Domain-Names?tab=readme-ov-file#finding-1---cve-2024-57174-alphion-routers","source":"cve@mitre.org"}]}}]}