CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
39.6%
An improper authentication vulnerability affecting Vonets
industrial wifi bridge relays and wifi bridge repeaters, software versions
3.3.23.6.9 and prior enables an unauthenticated remote attacker to
bypass authentication via a specially crafted direct request when
another user has an active session.
Vendor | Product | Version | CPE |
---|---|---|---|
vonets | var1200-h_firmware | * | cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:* |
vonets | var1200-h | - | cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:* |
vonets | var1200-l_firmware | * | cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:* |
vonets | var1200-l | - | cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:* |
vonets | var600-h_firmware | * | cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:* |
vonets | var600-h | - | cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:* |
vonets | vap11ac_firmware | * | cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:* |
vonets | vap11ac | - | cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:* |
vonets | vap11g-500s_firmware | * | cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:* |
vonets | vap11g-500s | - | cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:* |