5 matches found
Critical Flaw Exposes Four-Faith Routers to Remote Exploitation
SUMMARY: VulnCheck has discovered a critical new vulnerability CVE-2024-12856 affecting Four-Faith industrial routers F3x24 and F3x36, with evidence…...
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials
A high-severity flaw impacting select Four-Faith industrial routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856 CVSS score: 7.2, has been described as an operating system OS command injection bug affecting...
CVE-2024-12856
creationtimestamp| type| source ---|---|--- 2024-12-27 16:15:50+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lecf5eb7so2l 2024-12-27 17:41:58+00:00| seen| https://t.me/cvedetector/13787 2024-12-27 18:19:54+00:00| seen|...
CVE-2024-12856 Four-Faith Industrial Router adjust_sys_time OS Command Injection
The Four-Faith router models F3x24 and F3x36 are affected by an operating system OS command injection vulnerability. At least firmware version 2.0 allows authenticated and remote attackers to execute arbitrary OS commands over HTTP when modifying the system time via apply.cgi. Additionally, this...
VulnCheck KEV: CVE-2024-12856
Four-Faith industrial routers are vulnerable to an operating system command injection vulnerability...