- Description
- The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web server. An attacker with knowledge of the credentials can gain administrative access via crafted HTTP requests. This issue appears similar to CVE-2023-32645.
- Source
- disclosure@vulncheck.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- disclosure@vulncheck.com
- CWE-489
- Hype score
- Not currently trending
CVE-2024-9643 & CVE-2024-9644: Authentication Bypass in Four-Faith F3x36 Routers Puts Networks at Risk Critical vulnerabilities in Four-Faith F3x36 routers running v2.0.0 firmware. Learn about CVE-2024-9643 and CVE-2024-9644 and their severity. https://t.co/dxdW5aRheZ
@the_yellow_fall
7 Feb 2025
221 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-9643 The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web server. An attacker wit… https://t.co/YOcIDzwgMv
@CVEnew
4 Feb 2025
426 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-9643: CRITICAL] Vulnerability alert: Four-Faith F3x36 router firmware v2.0.0 has hard-coded credentials, allowing unauthorized access. Stay vigilant against cyber threats. #CyberSecurity#cybersecurity,#vulnerability https://t.co/ozfaQ5Jpua https://t.co/VBIec3j1v5
@CveFindCom
4 Feb 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes