13 matches found
CVE-2024-24300
4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials, regardless of how many times a user logs in, the content of the cookie remains unchanged...
CVE-2024-24301
Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges...
CVE-2024-24301
Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges...
CVE-2024-24300
4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials, regardless of how many times a user logs in, the content of the cookie remains unchanged...
Command injection
Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges...
Improper access control
4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials, regardless of how many times a user logs in, the content of the cookie remains unchanged...
4ipnet EAP-767 Security Vulnerability
The 4ipnet EAP-767 is an enterprise-grade concurrent dual-band 802.11ac indoor access point designed for high-density environments such as offices, universities, hotels and hospitals. A security vulnerability exists in the 4ipnet EAP-767 version v3.42.00, which originates from a web interface tha...
CVE-2024-24300
4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials, regardless of how many times a user logs in, the content of the cookie remains unchanged...
CVE-2024-24301
Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges...
CVE-2024-24300
4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials regardless of logins, and the cookie content does not change. This affects authentication/authorization behavior as described in multiple sources (Red Hat, NVD, CVE listing). The CVE not...
CVE-2024-24300
4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials, regardless of how many times a user logs in, the content of the cookie remains unchanged...
CVE-2024-24301
CVE-2024-24301 is a command-injection vulnerability in 4ipnet EAP-767 v3.42.00 exposed through the device’s web interface. The issue allows attackers with valid credentials to inject arbitrary shell commands executed with root privileges, as indicated by the CVSSv3.1 vector (AV:N/AC:L/PR:L/UI:N/S...
CVE-2024-24301
Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges...