4ipnet

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-24301 14ipnet 1Eap 767 Firmware Mar 25, 2025 Feb 14, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device...Show more Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges.Show less
CVE-2024-24300 14ipnet 1Eap 767 Firmware Mar 25, 2025 Feb 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials, regardless of how many times a user logs in, the content of the cookie remains unchanged.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-24301

14ipnet

1Eap 767 Firmware

Mar 25, 2025

Feb 14, 2024

N/A· v4

8.8 HIGH· v3

N/A· v2

Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device...Show more

CVE-2024-24300