Engeniustech Ews356-fit
2 CVEs affecting Engeniustech Ews356-fit. Latest disclosed: 2024-11-11. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-36061 | Critical | 9.8 | 2024-11-11 | EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters… |
CVE-2024-31975 | Medium | 4.8 | 2024-10-30 | EnGenius EWS356-Fit devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vuln… |