Share
## https://sploitus.com/exploit?id=SAINT:8E3EDD687113C165C89F2978979E4D63
Added: 09/30/2024  


### Background

MediaTek Wi-Fi chipsets and SoftAP driver bundles include `**wappd**` , a network daemon responsible for configuring and managing wireless interfaces and access points. 

### Problem

A buffer overflow in `**wappd**` could allow remote code execution on a large variety of devices including smartphones and routers. 

### Resolution

Upgrade to the latest firmware version available for the affected device. 

### References

https://blog.sonicwall.com/en-us/2024/09/critical-exploit-in-mediatek-wi-fi-chipsets-zero-click-vulnerability-cve-2024-20017-threatens-routers-and-smartphones/   
https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html   


### Platforms

MediaTek