CVE-2024-9643

Critical CVSS: 9.8

The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web server. An attacker with knowledge of the credentials can gain administrative access via crafted HTTP requests. This issue appears similar to CVE-2023-32645.

Vendor

Four-faith

Product

F3x36 Firmware

CWE

CWE-489

Yayın Tarihi

2025-02-04 15:15:19

Güncelleme

2025-09-19 19:33:43

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-489 F3x36 Firmware CRITICAL Four-faith 2025

Referanslar

https://talosintelligence.com/vulnerability_reports/TALOS-2023-1752 https://vulncheck.com/advisories/four-faith-hard-coded-creds https://talosintelligence.com/vulnerability_reports/TALOS-2023-1752

Benzer Kayıtlar

Medium

CVE-2025-11018

A flaw has been found in Four-Faith Water Conservancy Informatization Platform 1.0. This affects an unknown function of…

Medium

CVE-2025-10708

A security vulnerability has been detected in Four-Faith Water Conservancy Informatization Platform 1.0. Affected by thi…

Medium

CVE-2025-10709

A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform 1.0. Affected by this issue is som…

Critical

CVE-2024-9644

The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass vulnerability in the admini…