Two critical vulnerabilities have been discovered in Proroute H685t-w 4G routers: a command injection flaw (CVE-2024-45682) allowing complete system takeover and a cross-site scripting vulnerability (CVE-2024-38380) enabling account hijacking.