CVE-2024-11651

Published Nov 25, 2024

Last updated 15 days ago

CVSS medium 5.1

Overview

Description
A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been classified as critical. Affected is an unknown function of the file /admin/network/wifi_schedule. The manipulation of the argument wifi_schedule_day_em_5 leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Source
cna@vuldb.com
NVD status
Analyzed

Risk scores

CVSS 4.0

Type
Secondary
Base score
5.1
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
MEDIUM

CVSS 3.1

Type
Primary
Base score
7.2
Impact score
5.9
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

CVSS 2.0

Type
Secondary
Base score
5.8
Impact score
6.4
Exploitability score
6.4
Vector string
AV:N/AC:L/Au:M/C:P/I:P/A:P

Weaknesses

cna@vuldb.com
CWE-74
nvd@nist.gov
CWE-77

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2024-11651 (Published: 2024-11-25) - Critical vulnerability in EnGenius products. Affects multiple versions. Ensure your systems are updated to the latest firmware to mitigate risks. For more details and remediation steps, visit: https://t.co/ptseUAQSTD #CyberSecurity… htt

    @transilienceai

    27 Nov 2024

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 CVE-2024-11651 (Published: 2024-11-25) - A critical vulnerability affecting EnGenius devices. Exploited in specific versions, this flaw poses serious security risks. Ensure your systems are updated and patched to mitigate potential threats. For more details, visit:… https://t.

    @transilienceai

    27 Nov 2024

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 CVE-2024-11651 (Published: 2024-11-25) - A critical vulnerability in EnGenius devices. Affects multiple versions. Users are urged to update to the latest firmware immediately to mitigate risks. Stay secure! More info: https://t.co/ptseUAQSTD #CyberSecurity #VulnerabilityAlert

    @transilienceai

    27 Nov 2024

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 CVE-2024-11651 (Published: 2024-11-25) - A critical vulnerability affecting EnGenius devices. Exploited in specific versions, this flaw poses serious security risks. Ensure your systems are updated and patched to mitigate potential threats. For more details, visit:… https://t.

    @transilienceai

    27 Nov 2024

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨 CVE-2024-11651 (Published: 2024-11-25) - A critical vulnerability in EnGenius products. Affected versions are at risk! 🔒 Ensure your systems are secure by applying the latest patches and updates. Stay protected! For more details, visit: https://t.co/hEBzSx1Yqh #CyberSecurity…

    @transilienceai

    27 Nov 2024

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 CVE-2024-11651 (Published: 2024-11-25) - A critical vulnerability in EnGenius products. Affects multiple versions. Ensure your systems are updated to the latest firmware to mitigate risks. For more details, visit: https://t.co/hEBzSx1Yqh #CyberSecurity #Vulnerability #EnGenius

    @transilienceai

    27 Nov 2024

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨 CVE-2024-11651 (Published: 2024-11-25) - A critical vulnerability in EnGenius products. Affects multiple versions. Immediate remediation is essential! For details and mitigation steps, visit: https://t.co/hEBzSx1Yqh Stay secure! #CyberSecurity #VulnerabilityAlert

    @transilienceai

    27 Nov 2024

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2024-11651 (Published: 2024-11-25) - A critical vulnerability in EnGenius products. Affects specific versions; ensure your systems are updated. Remediation steps are crucial to protect against potential exploits. For detailed guidance, visit: https://t.co/LEMS8Qa9UF… https://

    @transilienceai

    27 Nov 2024

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. 🚨 CVE-2024-11651 (Published: 2024-11-25) - Critical vulnerability in EnGenius products. Affects specific versions. Immediate remediation is essential! For detailed info and mitigation steps, check the link: https://t.co/LEMS8Qa9UF #CyberSecurity #VulnerabilityAlert

    @transilienceai

    27 Nov 2024

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CVE-2024-11651 A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been classified as critical. Affected is an unknown function of the f… https://t.co/jgN6kT0M2g

    @CVEnew

    25 Nov 2024

    617 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🚨 Critical RCE in EnGenius ENH1350EXT/ENS500-AC/ENS620EXT routers up to 20241118 (CVE-2024-11651). Unauthenticated remote code execution via command injection. Update firmware ASAP & restrict admin access. #InfoSec #RouterSecurity

    @oktsec

    24 Nov 2024

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References