A threat actor has announced the sale of an exploit for CVE-2024-30078, a Remote Code Execution (RCE) vulnerability in the WiFi driver affecting all Windows Vista and later devices.
In their announcement, the threat actor details that the exploit allows for remote code execution over WiFi, leveraging compromised access points or saved WiFi networks. The exploit reportedly works by infecting a victim through router-based malware or simply by having the victim’s device be within range of a WiFi network they have previously connected to.
The exploit code is offered for sale at $5,000 USD, with the price being negotiable. The seller also offers to develop custom solutions tailored to the buyer’s needs. Anastasia, the new owner of the forum, is listed as the escrow for this transaction.
Interested parties are instructed to send a private message to the threat actor, with a warning that time wasters and scammers will be ignored.