11 matches found
CVE-2024-36061
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...
CVE-2024-31975
EnGenius EWS356-Fit devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vulnerable field is executed when the user clicks the SSID field's corresponding EDIT button...
EnGenius EWS356-FIT 安全漏洞
The EnGenius EWS356-FIT is an indoor wireless access point from EnGenius. A security vulnerability exists in the EnGenius EWS356-FIT version 1.1.30 and prior versions. A remote attacker could exploit the vulnerability to execute arbitrary operating system commands via the controller connection...
CVE-2024-36061
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...
CVE-2024-36061
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...
CVE-2024-36061
CVE-2024-36061 affects EnGenius EWS356-FIT devices (versions up to 1.1.30). The vulnerability is a blind OS command injection that lets an attacker execute arbitrary OS commands by injecting shell metacharacters into the Ping and Speed Test utilities. This could lead to full device compromise, de...
CVE-2024-36061
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...
EnGenius EWS356-FIT 安全漏洞
The EnGenius EWS356-FIT is an indoor wireless access point from EnGenius. A security vulnerability exists in the EnGenius EWS356-FIT version 1.1.30 and earlier. An attacker can exploit the vulnerability to execute arbitrary operating system commands via shell metacharacters to the Ping and Speed...
CVE-2024-36061
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...
CVE-2024-31975
EnGenius EWS356-Fit devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vulnerable field is executed when the user clicks the SSID field's corresponding EDIT button...
PT-2024-24329 · Engenius · Engenius Ews356-Fit +1
Name of the Vulnerable Software and Affected Versions: EnGenius EWS356-Fit versions 1.1.30 and earlier EnGenius ESR580 versions 1.1.30 and earlier Description: The issue allows a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vulnerable fie...