Filtered by vendor 4ipnet
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-24301 | 1 4ipnet | 2 Eap-767, Eap-767 Firmware | 2025-03-25 | N/A | 8.8 HIGH |
| Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. | |||||
| CVE-2024-24300 | 1 4ipnet | 2 Eap-767, Eap-767 Firmware | 2025-03-25 | N/A | 9.8 CRITICAL |
| 4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials, regardless of how many times a user logs in, the content of the cookie remains unchanged. | |||||