CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50375

A CWE-306 "Missing Authentication for Critical Function" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The vulnerability can be exploited by remote unauthenticated users capable of interacting with the default "edgserver" service enabled on the access point.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.8%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50375

Products affected by CVE-2024-50375

Advantech » Eki-6333ac-1gpo » Version: N/A

cpe:2.3:h:advantech:eki-6333ac-1gpo:-
Advantech » Eki-6333ac-2g » Version: N/A

cpe:2.3:h:advantech:eki-6333ac-2g:-
Advantech » Eki-6333ac-2gd » Version: N/A

cpe:2.3:h:advantech:eki-6333ac-2gd:-
Advantech » Eki-6333ac-1gpo Firmware » Version: Any

cpe:2.3:o:advantech:eki-6333ac-1gpo_firmware:*
Advantech » Eki-6333ac-2g Firmware » Version: Any

cpe:2.3:o:advantech:eki-6333ac-2g_firmware:*
Advantech » Eki-6333ac-2gd Firmware » Version: Any

cpe:2.3:o:advantech:eki-6333ac-2gd_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50375

Products

Pricing

Contact Us