VYPR

Vap11n 300

by Vonets

CVEs (11)

  • CVE-2024-39791CriAug 12, 2024
    risk 0.65cvss 10.0epss 0.01

    Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code.

  • CVE-2024-39815CriAug 12, 2024
    risk 0.59cvss 9.1epss 0.01

    Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. A specially-crafted…

  • CVE-2024-37023CriAug 12, 2024
    risk 0.59cvss 9.1epss 0.01

    Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters.

  • CVE-2024-42001HigAug 12, 2024
    risk 0.56cvss 8.6epss 0.01

    An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when …

  • CVE-2024-29082HigAug 12, 2024
    risk 0.56cvss 8.6epss 0.01

    Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform …

  • CVE-2024-46329HigSep 26, 2024
    risk 0.52cvss 8.0epss 0.01

    VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the SystemCommand object.

  • CVE-2024-46328HigSep 26, 2024
    risk 0.52cvss 8.0epss 0.00

    VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root.

  • CVE-2024-41936HigAug 12, 2024
    risk 0.49cvss 7.5epss 0.02

    A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication.

  • CVE-2024-41161HigAug 8, 2024
    risk 0.49cvss 7.5epss 0.01

    Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These …

  • CVE-2024-46330HigSep 26, 2024
    risk 0.48cvss 7.4epss 0.01

    VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the iptablesWebsFilterRun object.

  • CVE-2024-46327MedSep 26, 2024
    risk 0.37cvss 5.7epss 0.00

    An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access sensitive files via a directory traversal.