Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Four-Faith — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting Four-Faith. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Four-Faith specializes in industrial IoT and communication solutions, primarily serving SCADA systems and smart grid infrastructure. Historically, their products have been vulnerable to multiple remote code execution flaws, cross-site scripting, and privilege escalation vulnerabilities, often stemming from hardcoded credentials and insufficient input validation. The company has addressed eight CVEs to date, with several critical issues allowing unauthorized access to device management interfaces. While no major public security incidents have been documented, the pattern of vulnerabilities suggests potential risks in operational technology environments where their devices are deployed, emphasizing the need for rigorous patch management in critical infrastructure deployments.

Top products by Four-Faith: Water Conservancy Informatization Platform F3x36 F3x24
CVE IDTitleCVSSSeverityPublished
CVE-2025-11337 Four-Faith Water Conservancy Informatization Platform download.do;othersusrlogout.do path traversal — Water Conservancy Informatization PlatformCWE-22 5.3 Medium2025-10-06
CVE-2025-11336 Four-Faith Water Conservancy Informatization Platform download.do;otherlogout.do path traversal — Water Conservancy Informatization PlatformCWE-22 5.3 Medium2025-10-06
CVE-2025-11018 Four-Faith Water Conservancy Informatization Platform download.do;usrlogout.do.do path traversal — Water Conservancy Informatization PlatformCWE-22 5.3 Medium2025-09-26
CVE-2025-10709 Four-Faith Water Conservancy Informatization Platform historyDownload.do;otheruserLogin.do;getfile path traversal — Water Conservancy Informatization PlatformCWE-22 5.3 Medium2025-09-19
CVE-2025-10708 Four-Faith Water Conservancy Informatization Platform historyDownload.do;usrlogout.do path traversal — Water Conservancy Informatization PlatformCWE-22 5.3 Medium2025-09-19
CVE-2024-9644 Four-Faith F3x36 bapply.cgi Auth Bypass — F3x36CWE-489 9.8 Critical2025-02-04
CVE-2024-9643 Four-Faith F3x36 Hidden Debug Credentials — F3x36CWE-489 9.8 Critical2025-02-04
CVE-2024-12856 Four-Faith Industrial Router adjust_sys_time OS Command Injection — F3x24CWE-78 7.2 High2024-12-27

This page lists every published CVE security advisory associated with Four-Faith. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.