4Ipnet Eap-767 Firmware vulnerabilities
2 known vulnerabilities affecting 4ipnet/eap-767_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2024-24301P2HIGHCVSS 8.8v3.42.002024-02-14
CVE-2024-24301 [HIGH] CWE-77 CVE-2024-24301: Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interfac
Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges.
nvd
CVE-2024-24300P3CRITICALCVSS 9.8v3.42.002024-02-14
CVE-2024-24300 [CRITICAL] CWE-284 CVE-2024-24300: 4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of c
4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials, regardless of how many times a user logs in, the content of the cookie remains unchanged.
nvd