CRITICAL🇵🇱 Wersja polska

CVE-2024-6684

CVSS 9.9v4.0pub. 2024-08-12upd. 2026-06-03

Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom Nova Panel N7 allows Authentication Bypass. This issue affects inohom Nova Panel N7: through 1.9.9.6. NOTE: The vendor was contacted and it was learned that the product is not supported.

🤖 AI Analysis
How it works

An attacker can bypass the authentication mechanism through an alternative path or access channel (Authentication Bypass Using an Alternate Path or Channel). This means there is a possibility of gaining access to protected resources or device functions without providing valid credentials. The vulnerability is remotely accessible, requires no user interaction, and does not require any privileges.

Impact

An attacker can gain unauthorized access to panel functions, potentially taking control of the device and associated infrastructure. Due to high CVSS values in the areas of confidentiality, integrity, and availability of both the system and external resources, the consequences of compromise can be very severe.

Mitigation & patch

The manufacturer confirmed that the product is unsupported and no patches will be released. It is recommended to immediately isolate devices from the public network (e.g., through a firewall or network segmentation), restrict access to them only from trusted local networks, and consider replacing the devices with actively supported alternatives.

Who is affected

GST Electronics inohom Nova Panel N7 in all software versions up to and including 1.9.9.6.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:X/RE:X/U:Red
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References