Vap11n 300
by Vonets
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-39791 | Cri | 0.65 | 10.0 | 0.01 | Aug 12, 2024 | Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code. | ||
| CVE-2024-39815 | Cri | 0.59 | 9.1 | 0.01 | Aug 12, 2024 | Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. A specially-crafted… | ||
| CVE-2024-37023 | Cri | 0.59 | 9.1 | 0.01 | Aug 12, 2024 | Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters. | ||
| CVE-2024-42001 | Hig | 0.56 | 8.6 | 0.01 | Aug 12, 2024 | An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when … | ||
| CVE-2024-29082 | Hig | 0.56 | 8.6 | 0.01 | Aug 12, 2024 | Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform … | ||
| CVE-2024-46329 | Hig | 0.52 | 8.0 | 0.01 | Sep 26, 2024 | VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the SystemCommand object. | ||
| CVE-2024-46328 | Hig | 0.52 | 8.0 | 0.00 | Sep 26, 2024 | VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root. | ||
| CVE-2024-41936 | Hig | 0.49 | 7.5 | 0.02 | Aug 12, 2024 | A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication. | ||
| CVE-2024-41161 | Hig | 0.49 | 7.5 | 0.01 | Aug 8, 2024 | Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These … | ||
| CVE-2024-46330 | Hig | 0.48 | 7.4 | 0.01 | Sep 26, 2024 | VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the iptablesWebsFilterRun object. | ||
| CVE-2024-46327 | Med | 0.37 | 5.7 | 0.00 | Sep 26, 2024 | An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access sensitive files via a directory traversal. |
- risk 0.65cvss 10.0epss 0.01
Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code.
- risk 0.59cvss 9.1epss 0.01
Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. A specially-crafted…
- risk 0.59cvss 9.1epss 0.01
Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters.
- risk 0.56cvss 8.6epss 0.01
An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when …
- risk 0.56cvss 8.6epss 0.01
Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform …
- risk 0.52cvss 8.0epss 0.01
VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the SystemCommand object.
- risk 0.52cvss 8.0epss 0.00
VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root.
- risk 0.49cvss 7.5epss 0.02
A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication.
- risk 0.49cvss 7.5epss 0.01
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These …
- risk 0.48cvss 7.4epss 0.01
VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the iptablesWebsFilterRun object.
- risk 0.37cvss 5.7epss 0.00
An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access sensitive files via a directory traversal.