CVE-2024-11659 EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_iperf command injection

A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/network/diagiperf. The manipulation of the argument iperf leads to command injection. The attack may be...

CVE-2024-11659 EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_iperf command injection

A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/network/diagiperf. The manipulation of the argument iperf leads to command injection. The attack may be...

CVE-2024-11658 EnGenius ENH1350EXT/ENS500-AC/ENS620EXT ajax_getChannelList command injection

A vulnerability has been found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/network/ajaxgetChannelList. The manipulation of the argument countryCode leads to command...

CVE-2024-11657

CVE-2024-11657 affects EnGenius ENH1350EXT, ENS500-AC and ENS620EXT. Affected is an unknown function in the file /admin/network/diag_nslookup; manipulation of the diag_nslookup argument leads to command injection. Exploitation is possible remotely, with public disclosure of the exploit. Multiple ...

CVE-2024-11655 EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_pinginterface command injection

A vulnerability classified as critical was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. This vulnerability affects unknown code of the file /admin/network/diagpinginterface. The manipulation of the argument diagping leads to command injection. The attack can be initiated...

CVE-2024-11655

CVE-2024-11655 affects EnGenius ENH1350EXT, ENS500-AC, and ENS620EXT (firmware up to 2024-11-18). The vulnerability targets the file /admin/network/diag_pinginterface and arises from manipulation of the diag_ping argument, resulting in command injection. The issue is exploitable remotely and has ...

CVE-2024-11654

A vulnerability classified as critical has been found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. This affects an unknown part of the file /admin/network/diagtraceroute6. The manipulation of the argument diagtraceroute6 leads to command injection. It is possible to initiate th...

CVE-2024-11653 EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_traceroute command injection

A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/network/diagtraceroute. The manipulation of the argument diagtraceroute leads to command injection. The...

CVE-2024-11652 EnGenius ENH1350EXT/ENS500-AC/ENS620EXT sn_https command injection

A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/snpackage/snhttps. The manipulation of the argument httpsenable leads to command injection. The...

EnGenius多款产品 安全漏洞

EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. A security vulnerability exists in several EnGenius products, which stems from an incorrect manipulation of the iperf parameter that can lead to command injection. The following products are affected: EnGenius...

EnGenius多款产品 注入漏洞

The EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. An injection vulnerability exists in several EnGenius products, which stems from a faulty manipulation of the parameter diagping6 that can lead to command injection. The following products are affected: EnGeniu...

EnGenius多款产品 安全漏洞

EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. A security vulnerability exists in various EnGenius products, which stems from a command injection due to incorrect operation of the parameter wifischeduledayem5. The following products are affected: EnGenius...

EnGenius多款产品 注入漏洞

The EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. An injection vulnerability exists in several EnGenius products, which stems from a mis-manipulation of the parameter diagtraceroute6 that can lead to command injection. The following products are affected:...

EnGenius多款产品 注入漏洞

The EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. An injection vulnerability exists in several EnGenius products, which stems from a command injection due to incorrect operation of the parameter diagnslookup. The following products are affected: EnGenius...

EnGenius多款产品 注入漏洞

The EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. An injection vulnerability exists in several EnGenius products, which stems from a command injection due to incorrect operation of the parameter diagtraceroute. The following products are affected: EnGenius...

PT-2024-17167 · Engenius · Engenius Ens500-Ac +2

Name of the Vulnerable Software and Affected Versions: EnGenius ENH1350EXT versions up to 20241118 EnGenius ENS500-AC versions up to 20241118 EnGenius ENS620EXT versions up to 20241118 Description: A critical issue has been found in the affected devices, related to an unknown functionality of the...