Critical severity9.8NVD Advisory· Published Feb 4, 2025· Updated Jun 17, 2026
CVE-2024-9643
CVE-2024-9643
Description
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web server. An attacker with knowledge of the credentials can gain administrative access via crafted HTTP requests. This issue appears similar to CVE-2023-32645.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: 2.0.0
2.0.0+ 1 more
- (no CPE)range: 2.0.0
- (no CPE)range: 2.0.0
Patches
Vulnerability mechanics
References
2- vulncheck.com/advisories/four-faith-hard-coded-credsnvdThird Party Advisory
- talosintelligence.com/vulnerability_reports/TALOS-2023-1752nvdNot Applicable
News mentions
2- ⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain ChaosThe Hacker News · May 25, 2026
- In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station HackingSecurityWeek · May 22, 2026