Lucene search
K

4 matches found

CVE
CVE
added 2025/02/04 2:58 p.m.83 views

CVE-2024-9644

CVE-2024-9644 affects the Four-Faith F3x36 router (firmware v2.0.0). The vulnerability is an authentication bypass in the administrative web server: certain admin functions are not protected when using bapply.cgi instead of apply.cgi. This allows a remote, unauthenticated attacker to modify setti...

9.8CVSS7.2AI score0.00644EPSS
In wildExploits0References1Affected Software1
CVE
CVE
added 2025/02/04 2:47 p.m.71 views

CVE-2024-9643

CVE-2024-9643 concerns the Four-Faith F3x36 router with firmware version v2.0.0 , where an authentication bypass is caused by hard-coded credentials in the administrative web server . The description and connected sources confirm that an attacker who knows the credentials can gain administrative ...

9.8CVSS7.3AI score0.0293EPSS
In wildExploits0References2Affected Software1
NVD
NVD
added 2024/12/27 4:15 p.m.29 views

CVE-2024-12856

The Four-Faith router models F3x24 and F3x36 are affected by an operating system OS command injection vulnerability. At least firmware version 2.0 allows authenticated and remote attackers to execute arbitrary OS commands over HTTP when modifying the system time via apply.cgi. Additionally, this...

7.2CVSS0.82192EPSS
Exploits4References3
OSV
OSV
added 2024/11/19 5:15 p.m.4 views

CVE-2024-52789

Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

8CVSS5.8AI score0.00395EPSS
Exploits1References1
Rows per page
Query Builder