CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

32 matches found

RedhatCVE•added 2025/05/23 10:3 a.m.•7 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

9.1CVSS7AI score0.50622EPSS

Exploits4References1

BDU FSTEC•added 2024/06/14 12:0 a.m.•10 views

The vulnerability of the video bar and switch for Apollo VX20 video conferencing systems lies in the lack of encryption for confidential data and improper handling of exclusive conditions, allowing intruders to obtain passwords in an open form.

The vulnerability of the microprogramming software for Apollo VX20 is related to the absence of encrypted confidential data. Exploiting this vulnerability can allow a malicious actor to obtain passwords in plain text through a GET request to SoftAP/device/config...

6.8CVSS7.7AI score0.50622EPSS

Exploits4References3Affected Software1

OSV•added 2024/03/27 3:15 a.m.•4 views

CVE-2024-25734

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts...

7.5CVSS5.9AI score0.04051EPSS

Exploits4References3

OSV•added 2024/03/27 3:15 a.m.•5 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

9.1CVSS5.8AI score0.50622EPSS

Exploits4References3

NVD•added 2024/03/27 3:15 a.m.•8 views

CVE-2024-25734

7.5CVSS6.9AI score0.04051EPSS

Exploits4References3

NVD•added 2024/03/27 3:15 a.m.•10 views

CVE-2024-25736

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request...

7.5CVSS6.7AI score0.04343EPSS

Exploits4References3

NVD•added 2024/03/27 3:15 a.m.•11 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

9.1CVSS6.6AI score0.50622EPSS

Exploits4References3

OSV•added 2024/03/27 3:15 a.m.•2 views

CVE-2024-25736

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request...

7.5CVSS5.8AI score0.04343EPSS

Exploits4References3

Vulnrichment•added 2024/03/27 12:0 a.m.•17 views

CVE-2024-25736

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request...

7AI score0.04343EPSS

Exploits4References2

Vulnrichment•added 2024/03/27 12:0 a.m.•12 views

CVE-2024-25734

7.5AI score0.04051EPSS

Exploits4References2

CVE•added 2024/03/27 12:0 a.m.•121 views

CVE-2024-25735

WyreStorm Apollo VX20 devices prior to version 1.3.58 expose cleartext credentials via an HTTP GET on the SoftAP router endpoint /device/config. This is an information-disclosure/authentication- bypass issue affecting the web interface/config component; remote attackers can retrieve credentials w...

9.1CVSS6.8AI score0.50622EPSS

In wildExploits4References3Affected Software1

Vulnrichment•added 2024/03/27 12:0 a.m.•10 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

7.3AI score0.50622EPSS

Exploits4References2

Cvelist•added 2024/03/27 12:0 a.m.•14 views

CVE-2024-25734

7.2AI score0.04051EPSS

Exploits4References2

Cvelist•added 2024/03/27 12:0 a.m.•38 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

6.9AI score0.50622EPSS

Exploits4References2

CVE•added 2024/03/27 12:0 a.m.•57 views

CVE-2024-25734

CVE-2024-25734 affects WyreStorm Apollo VX20 devices prior to version 1.3.58. The Telnet service prompts for a password only after a valid username is entered, enabling remote attackers with Telnet access (port 23) to enumerate valid accounts, potentially enabling brute-force attacks on credentia...

7.5CVSS7.2AI score0.04051EPSS

Exploits4References3Affected Software1

Cvelist•added 2024/03/27 12:0 a.m.•17 views

CVE-2024-25736

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request...

6.9AI score0.04343EPSS

Exploits4References2

CVE•added 2024/03/27 12:0 a.m.•55 views

CVE-2024-25736

The CVE-2024-25736 entry affects WyreStorm Apollo VX20 devices prior to firmware version 1.3.58. The vulnerability allows remote attackers to restart the device by issuing a GET request to /device/reboot (Web interface/reboot and reset commands). Exploitation details in the sources describe an In...

7.5CVSS6.9AI score0.04343EPSS

Exploits4References3Affected Software1

Positive Technologies•added 2024/03/26 12:0 a.m.•5 views

PT-2024-21118 · Wyrestorm · Wyrestorm Apollo Vx20

Name of the Vulnerable Software and Affected Versions: WyreStorm Apollo VX20 versions prior to 1.3.58 Description: An issue allows remote attackers to restart the device via a "/device/reboot" GET request. Recommendations: For versions prior to 1.3.58, update to version 1.3.58 or later to resolve...

7.5CVSS7AI score0.04343EPSS

Exploits4References7

Positive Technologies•added 2024/03/26 12:0 a.m.•6 views

PT-2024-21117 · Wyrestorm · Wyrestorm Apollo Vx20

Name of the Vulnerable Software and Affected Versions: WyreStorm Apollo VX20 versions prior to 1.3.58 Description: An issue was discovered where the TELNET service prompts for a password only after a valid username is entered. This might make it easier for remote attackers to enumerate user...

7.5CVSS7.5AI score0.04051EPSS

Exploits4References6