CVE-2024-36491

Name of the Vulnerable Software and Affected Versions: FutureNet NXR series versions (affected versions not specified) FutureNet VXR series versions (affected versions not specified) FutureNet WXR series versions (affected versions not specified)

Description: The issue is related to the lack of measures to neutralize special elements used in the operating system command. This can allow a remote attacker to gain unauthorized access to protected information, execute arbitrary commands, or cause a denial of service condition. A remote unauthenticated attacker can execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial of service (DoS) condition.

Recommendations: For FutureNet NXR series, update to a version that includes security patches for this issue. For FutureNet VXR series, update to a version that includes security patches for this issue. For FutureNet WXR series, update to a version that includes security patches for this issue. As a temporary workaround, consider restricting access to the operating system command to minimize the risk of exploitation.