Critical severity9.8NVD Advisory· Published Nov 11, 2024· Updated Jun 17, 2026
CVE-2024-36061
CVE-2024-36061
Description
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=1.1.30
Patches
Vulnerability mechanics
References
1- github.com/actuator/cve/blob/main/Engenius/CVE-2024-36061nvdThird Party Advisory
News mentions
0No linked articles in our index yet.