CVE Tools

engeniustech

Networking InfrastructureCNcommercial

11

Cumulative CVEs

1

Monthly snapshots

#91

Peak rank

Top products

enh1350ext firmware9 ens500-ac firmware9 ens620ext firmware9

Latest CVEs

The 15 most recently published vulnerabilities affecting engeniustech.

CVE-2025-34035EnGenius EnShare IoT Gigabit Cloud Service Command Injection9.8Jun 24, 2025
CVE-2025-28371EnGenius ENH500 AP 2T2R V3.0 FW3.7.22 is vulnerable to Incorrect Access Control via the password change function. The device fails to validate the current password, allowing an attacker to submit a...6.5May 19, 2025
CVE-2024-31976EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS commands via the Controller connectivity parameter.8.0Nov 27, 2024
CVE-2024-11659EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_iperf command injection4.7Nov 25, 2024
CVE-2024-11658EnGenius ENH1350EXT/ENS500-AC/ENS620EXT ajax_getChannelList command injection4.7Nov 25, 2024
CVE-2024-11657EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_nslookup command injection4.7Nov 25, 2024
CVE-2024-11656EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_ping6 command injection4.7Nov 25, 2024
CVE-2024-11655EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_pinginterface command injection4.7Nov 25, 2024
CVE-2024-11654EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_traceroute6 command injection4.7Nov 25, 2024
CVE-2024-11653EnGenius ENH1350EXT/ENS500-AC/ENS620EXT diag_traceroute command injection4.7Nov 25, 2024
CVE-2024-11652EnGenius ENH1350EXT/ENS500-AC/ENS620EXT sn_https command injection4.7Nov 25, 2024
CVE-2024-11651EnGenius ENH1350EXT/ENS500-AC/ENS620EXT wifi_schedule command injection4.7Nov 25, 2024
CVE-2024-36061EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities.9.8Nov 11, 2024
CVE-2024-31975EnGenius EWS356-Fit devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vulnerable field is executed when the user...4.8Oct 30, 2024
CVE-2019-11353The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multip...9.8May 9, 2019