Lucene search

IcscertCVE-2024-39815

HistoryAug 12, 2024 - 1:38 p.m.

CVE-2024-39815

2024-08-1213:38:25

CWE-703

icscert

web.nvd.nist.gov

cve-2024-39815

vonets

wifi bridges

denial of service

http request

pre-authentication resources

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVSS4

9.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/SC:H/VI:H/SI:H/VA:H/SA:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

17.7%

JSON

Improper check or handling of exceptional conditions vulnerability
affecting Vonets

industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated
remote attacker to cause a denial of service. A specially-crafted
HTTP request to pre-authentication resources can crash the service.

Affected configurations

Nvd

Node

vonetsvar1200-h_firmwareRange≤3.3.23.6.9

AND

vonetsvar1200-hMatch-

Node

vonetsvar1200-l_firmwareRange≤3.3.23.6.9

AND

vonetsvar1200-lMatch-

Node

vonetsvar600-h_firmwareRange≤3.3.23.6.9

AND

vonetsvar600-hMatch-

Node

vonetsvap11ac_firmwareRange≤3.3.23.6.9

AND

vonetsvap11acMatch-

Node

vonetsvap11g-500s_firmwareRange≤3.3.23.6.9

AND

vonetsvap11g-500sMatch-

Node

vonetsvbg1200_firmwareRange≤3.3.23.6.9

AND

vonetsvbg1200Match-

Node

vonetsvap11s-5g_firmwareRange≤3.3.23.6.9

AND

vonetsvap11s-5gMatch-

Node

vonetsvap11s_firmwareRange≤3.3.23.6.9

AND

vonetsvap11sMatch-

Node

vonetsvar11n-300_firmwareRange≤3.3.23.6.9

AND

vonetsvar11n-300Match-

Node

vonetsvap11g-300_firmwareRange≤3.3.23.6.9

AND

vonetsvap11g-300Match-

Node

vonetsvap11n-300_firmwareRange≤3.3.23.6.9

AND

vonetsvap11n-300Match-

Node

vonetsvap11g_firmwareRange≤3.3.23.6.9

AND

vonetsvap11gMatch-

Node

vonetsvap11g-500_firmwareRange≤3.3.23.6.9

AND

vonetsvap11g-500Match-

Node

vonetsvga-1000_firmwareRange≤3.3.23.6.9

AND

vonetsvga-1000Match-

VendorProductVersionCPE
vonetsvar1200-h_firmware*cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*
vonetsvar1200-h-cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:*
vonetsvar1200-l_firmware*cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*
vonetsvar1200-l-cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:*
vonetsvar600-h_firmware*cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*
vonetsvar600-h-cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:*
vonetsvap11ac_firmware*cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*
vonetsvap11ac-cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:*
vonetsvap11g-500s_firmware*cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*
vonetsvap11g-500s-cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
vonets	var1200-h_firmware	*	cpe:2.3:o:vonets:var1200-h_firmware::::::::
vonets	var1200-h	-	cpe:2.3:h:vonets:var1200-h:-:::::::*
vonets	var1200-l_firmware	*	cpe:2.3:o:vonets:var1200-l_firmware::::::::
vonets	var1200-l	-	cpe:2.3:h:vonets:var1200-l:-:::::::*
vonets	var600-h_firmware	*	cpe:2.3:o:vonets:var600-h_firmware::::::::
vonets	var600-h	-	cpe:2.3:h:vonets:var600-h:-:::::::*
vonets	vap11ac_firmware	*	cpe:2.3:o:vonets:vap11ac_firmware::::::::
vonets	vap11ac	-	cpe:2.3:h:vonets:vap11ac:-:::::::*
vonets	vap11g-500s_firmware	*	cpe:2.3:o:vonets:vap11g-500s_firmware::::::::
vonets	vap11g-500s	-	cpe:2.3:h:vonets:vap11g-500s:-:::::::*

Rows per page:

1-10 of 281

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "VAR1200-H",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAR1200-L",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAR600-H",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAP11AC",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAP11G-500S",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VBG1200",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAP11S-5G",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAP11S",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAR11N-300",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAP11G-300",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAP11N-300",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAP11G",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAP11G-500",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VBG1200",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VAP11AC",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VGA-1000",
    "vendor": "Vonets",
    "versions": [
      {
        "lessThanOrEqual": "3.3.23.6.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.cisa.gov/news-events/ics-advisories/icsa-24-214-08

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVSS4

9.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/SC:H/VI:H/SI:H/VA:H/SA:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

17.7%

JSON

Related for CVE-2024-39815