Optigo Networks Ons-S8 Spectra Aggregation Switch vulnerabilities
2 known vulnerabilities affecting optigo_networks/ons-s8_spectra_aggregation_switch.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2024-41925P2CRITICALCVSS 9.8≤ 1.3.72024-10-03
CVE-2024-41925 [CRITICAL] CWE-98 CVE-2024-41925: The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly val
The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user input, allowing an attacker to traverse directories, bypass authentication, and execute remote code.
nvd
CVE-2024-45367P2CRITICALCVSS 9.1≤ 1.3.72024-10-03
CVE-2024-45367 [CRITICAL] CWE-1390 CVE-2024-45367: The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process
The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password.
nvd