-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security

Vulnerability Details

Registries

Custom Views

Weaknesses

Attack Patterns

Filters & Tools

ews356_fit_firmware

Source -

ADP

CNA CVEs -

0

ADP CVEs -

1

CISA CVEs -

0

NVD CVEs -

0

Related CVEs Related Vendors Related Assigners Reports

1Vulnerabilities found

Assigner-MITRE Corporation

Assigner-MITRE Corporation

CVSS Score-8||HIGH

EPSS-0.28% / 50.74%

||

7 Day CHG~0.00%

Published-27 Nov, 2024 | 00:00

Updated-29 Nov, 2024 | 21:15

Rejected-Not Available

Known To Be Used In Ransomware Campaigns?-Not Available

KEV Added-Not Available

KEV Action Due Date-Not Available

EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS commands via the Controller connectivity parameter.

Action-Not Available

Vendor-n/a engenius

Product-n/a ews356_fit_firmware

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')