CVE-2024-45242

EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...

CVE-2024-11655 EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_pinginterface command injection

A vulnerability classified as critical was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. This vulnerability affects unknown code of the file /admin/network/diagpinginterface. The manipulation of the argument diagping leads to command injection. The attack can be initiated...

CVE-2024-11652 EnGenius ENH1350EXT/ENS500-AC/ENS620EXT sn_https command injection

A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/snpackage/snhttps. The manipulation of the argument httpsenable leads to command injection. The...

EnGenius多款产品 安全漏洞

EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. A security vulnerability exists in several EnGenius products, which stems from an incorrect manipulation of the iperf parameter that can lead to command injection. The following products are affected: EnGenius...

EnGenius多款产品 注入漏洞

The EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. An injection vulnerability exists in several EnGenius products, which stems from a faulty manipulation of the parameter diagping6 that can lead to command injection. The following products are affected: EnGeniu...

EnGenius多款产品 注入漏洞

The EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. An injection vulnerability exists in several EnGenius products, which stems from a command injection due to incorrect operation of the parameter diagtraceroute. The following products are affected: EnGenius...

PT-2024-17167 · Engenius · Engenius Ens500-Ac +2

Name of the Vulnerable Software and Affected Versions: EnGenius ENH1350EXT versions up to 20241118 EnGenius ENS500-AC versions up to 20241118 EnGenius ENS620EXT versions up to 20241118 Description: A critical issue has been found in the affected devices, related to an unknown functionality of the...

EnGenius多款产品 注入漏洞

The EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. An injection vulnerability exists in several EnGenius products, which stems from a command injection due to incorrect operation of the parameter diagnslookup. The following products are affected: EnGenius...

EnGenius多款产品 注入漏洞

The EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. An injection vulnerability exists in several EnGenius products, which stems from a mis-manipulation of the parameter diagtraceroute6 that can lead to command injection. The following products are affected:...

PT-2024-31500

Name of the Vulnerable Software and Affected Versions EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2 c1.9.51 Description The issue allows for OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During initial setup, the device creates an open unsecured...

CVE-2024-45242

EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...

CVE-2024-45242

EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...