NotCVE - vendor:"Optigo Networks" product:"ONS-S8 Spectra Aggregation Switch" version:" <= 1.3.7"

2 results (0.003 seconds)

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-45367 – Optigo Networks ONS-S8 Spectra Aggregation Switch Weak Authentication

https://notcve.org/view.php?id=CVE-2024-45367

The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-275-01 • CWE-1390: Weak Authentication •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-41925 – Optigo Networks ONS-S8 Spectra Aggregation Switch PHP Remote File Inclusion

https://notcve.org/view.php?id=CVE-2024-41925

The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user input, allowing an attacker to traverse directories, bypass authentication, and execute remote code. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-275-01 • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •