Vap11g-300 Firmware Security Vulnerabilities and Issues — Vap11g-300 Firmware CVE List

Lucene search

VonetsVap11g-300 Firmware

11 matches found

CVE•added 2024/08/12 1:38 p.m.•50 views

CVE-2024-37023

Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, softwareversions 3.3.23.6.9 and prior, enable an authenticated remote attackerto execute arbitrary OS commands via various endpoint parameters.

9.9CVSS9.9AI score0.00504EPSS

CVE•added 2024/09/26 2:15 p.m.•50 views

CVE-2024-46327

An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access sensitive files via a directory traversal.

5.7CVSS6.9AI score0.00094EPSS

CVE•added 2024/08/12 1:38 p.m.•47 views

CVE-2024-41936

A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9and prior, enables an unauthenticated remote attacker to read arbitraryfiles and bypass authentication.

8.7CVSS7.8AI score0.00938EPSS

CVE•added 2024/08/12 1:38 p.m.•45 views

CVE-2024-39791

Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions3.3.23.6.9 and prior, enable an unauthenticated remote attacker toexecute arbitrary code.

10CVSS10AI score0.00617EPSS

CVE•added 2024/09/26 2:15 p.m.•44 views

CVE-2024-46328

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root.

8CVSS7.6AI score0.0006EPSS

CVE•added 2024/08/12 1:38 p.m.•43 views

CVE-2024-39815

Improper check or handling of exceptional conditions vulnerabilityaffecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticatedremote attacker to cause a denial of service. A specially-craftedHTTP request to pre-authentic...

9.4CVSS9.1AI score0.00447EPSS

CVE•added 2024/08/08 6:15 p.m.•43 views

CVE-2024-41161

Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions3.3.23.6.9 and prior, enables an unauthenticated remote attacker tobypass authentication using hard-coded administrator credentials. Theseaccounts cannot be disable...

9.8CVSS8.3AI score0.00554EPSS

CVE•added 2024/08/12 1:38 p.m.•39 views

CVE-2024-29082

Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9and prior, enables an unauthenticated remote attacker to bypassauthentication and factory reset the device via unprotected goformendpoints.

8.8CVSS8.7AI score0.00167EPSS

CVE•added 2024/09/26 2:15 p.m.•39 views

CVE-2024-46329

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the SystemCommand object.

8CVSS8.2AI score0.00243EPSS

CVE•added 2024/09/26 2:15 p.m.•38 views

CVE-2024-46330

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the iptablesWebsFilterRun object.

7.4CVSS8AI score0.00236EPSS

CVE•added 2024/08/12 1:38 p.m.•36 views

CVE-2024-42001

An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions3.3.23.6.9 and prior enables an unauthenticated remote attacker tobypass authentication via a specially crafted direct request whenanother user has an active session.

9.8CVSS8.7AI score0.00659EPSS