Unrated severityNVD Advisory· Published Feb 4, 2025· Updated Nov 22, 2025

Four-Faith F3x36 Hidden Debug Credentials

CVE-2024-9643

Description

The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web server. An attacker with knowledge of the credentials can gain administrative access via crafted HTTP requests. This issue appears similar to CVE-2023-32645.

Affected products

Xiamen Four Faith/F3x36v5
Range: 2.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

talosintelligence.com/vulnerability_reports/TALOS-2023-1752mitrethird-party-advisory
vulncheck.com/advisories/four-faith-hard-coded-credsmitrethird-party-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.016
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000