CVE-2024-31976
CVSS 3.1 Score 8 of 10 (high)
Details
Published Nov 27, 2024
Updated: Nov 29, 2024
CWE ID 78
Summary
CVE-2024-31976 is a newly disclosed vulnerability that affects EnGenius EWS356-FIR devices running version 1.1.30 and earlier. This issue permits a remote attacker to execute arbitrary OS commands on the targeted device by manipulating the Controller connectivity parameter. This vulnerability poses a significant risk as it allows unauthorized access and potential control over the device's functions. Network administrators are strongly urged to update their EnGenius EWS356-FIR devices to the latest software version to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share