Engeniustech Ews356-fit_firmware

2 CVEs affecting Engeniustech Ews356-fit_firmware. Latest disclosed: 2024-11-11. Critical: 1, High: 0.

Top CVEs affecting Engeniustech Ews356-fit_firmware
CVESeverityScorePublishedSummary
CVE-2024-36061Critical9.82024-11-11EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters…
CVE-2024-31975Medium4.82024-10-30EnGenius EWS356-Fit devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vuln…