Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

30 matches found

RedhatCVE
RedhatCVEadded 2025/05/23 10:3 a.m.3 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

9.1CVSS7AI score0.90358EPSS
Exploits4References1
NVD
NVDadded 2024/03/27 3:15 a.m.9 views

CVE-2024-25736

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request...

7.5CVSS6.7AI score0.09145EPSS
Exploits4References3
NVD
NVDadded 2024/03/27 3:15 a.m.7 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

9.1CVSS6.6AI score0.90358EPSS
Exploits4References3
OSV
OSVadded 2024/03/27 3:15 a.m.1 views

CVE-2024-25734

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts...

7.5CVSS5.9AI score0.06299EPSS
Exploits4References3
NVD
NVDadded 2024/03/27 3:15 a.m.7 views

CVE-2024-25734

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts...

7.5CVSS6.9AI score0.06299EPSS
Exploits4References3
OSV
OSVadded 2024/03/27 3:15 a.m.1 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

9.1CVSS5.8AI score0.90358EPSS
Exploits4References3
Cvelist
Cvelistadded 2024/03/27 12:0 a.m.12 views

CVE-2024-25734

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts...

7.2AI score0.06299EPSS
Exploits4References2
CVE
CVEadded 2024/03/27 12:0 a.m.49 views

CVE-2024-25736

The CVE-2024-25736 entry affects WyreStorm Apollo VX20 devices prior to firmware version 1.3.58. The vulnerability allows remote attackers to restart the device by issuing a GET request to /device/reboot (Web interface/reboot and reset commands). Exploitation details in the sources describe an In...

7.5CVSS6.9AI score0.09145EPSS
Exploits4References3Affected Software1
Vulnrichment
Vulnrichmentadded 2024/03/27 12:0 a.m.17 views

CVE-2024-25736

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request...

7AI score0.09145EPSS
Exploits4References2
Vulnrichment
Vulnrichmentadded 2024/03/27 12:0 a.m.12 views

CVE-2024-25734

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts...

7.5AI score0.06299EPSS
Exploits4References2
Cvelist
Cvelistadded 2024/03/27 12:0 a.m.14 views

CVE-2024-25736

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request...

6.9AI score0.09145EPSS
Exploits4References2
Cvelist
Cvelistadded 2024/03/27 12:0 a.m.13 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

6.9AI score0.90358EPSS
Exploits4References2
Vulnrichment
Vulnrichmentadded 2024/03/27 12:0 a.m.9 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

7.3AI score0.90358EPSS
Exploits4References2
CVE
CVEadded 2024/03/27 12:0 a.m.51 views

CVE-2024-25734

CVE-2024-25734 affects WyreStorm Apollo VX20 devices prior to version 1.3.58. The Telnet service prompts for a password only after a valid username is entered, enabling remote attackers with Telnet access (port 23) to enumerate valid accounts, potentially enabling brute-force attacks on credentia...

7.5CVSS7.2AI score0.06299EPSS
Exploits4References3Affected Software1
CVE
CVEadded 2024/03/27 12:0 a.m.98 views

CVE-2024-25735

WyreStorm Apollo VX20 devices prior to version 1.3.58 expose cleartext credentials via an HTTP GET on the SoftAP router endpoint /device/config. This is an information-disclosure/authentication- bypass issue affecting the web interface/config component; remote attackers can retrieve credentials w...

9.1CVSS6.8AI score0.90358EPSS
In wildExploits4References3Affected Software1
Positive Technologies
Positive Technologiesadded 2024/03/26 12:0 a.m.1 views

PT-2024-21118 · Wyrestorm · Wyrestorm Apollo Vx20

Name of the Vulnerable Software and Affected Versions: WyreStorm Apollo VX20 versions prior to 1.3.58 Description: An issue allows remote attackers to restart the device via a "/device/reboot" GET request. Recommendations: For versions prior to 1.3.58, update to version 1.3.58 or later to resolve...

7.5CVSS7AI score0.09145EPSS
Exploits4References7
Positive Technologies
Positive Technologiesadded 2024/03/26 12:0 a.m.3 views

PT-2024-21117 · Wyrestorm · Wyrestorm Apollo Vx20

Name of the Vulnerable Software and Affected Versions: WyreStorm Apollo VX20 versions prior to 1.3.58 Description: An issue was discovered where the TELNET service prompts for a password only after a valid username is entered. This might make it easier for remote attackers to enumerate user...

7.5CVSS7.5AI score0.06299EPSS
Exploits4References6
VulnCheck KEV
VulnCheck KEVadded 2024/03/03 12:0 a.m.0 views

VulnCheck KEV: CVE-2024-25735

An access control credential disclosure is present in WyreStorm Apollo VX20...

9.1CVSS7.3AI score0.90358EPSS
Exploits4References1
Exploit DB
Exploit DBadded 2024/02/26 12:0 a.m.277 views

Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLCREDENTIALSDISCLOSURECVE-2024-25735.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20...

9.1CVSS7AI score0.90358EPSS
Exploits4
CNNVD
CNNVDadded 2024/02/26 12:0 a.m.1 views

WyreStorm Apollo VX20 Security Vulnerability

Wyrestorm Apollo VX20 is an advanced conferencing video appliance from Wyrestorm. A security vulnerability exists in the WyreStorm Apollo VX20 prior to version 1.3.58, which stems from plaintext credentials that allow a remote attacker to access the SoftAP router via a simple HTTP GET request...

9.1CVSS6.8AI score0.90358EPSS
Exploits4References4
Rows per page
Query Builder