cbcvebase.

Vonets Vap11Ac vulnerabilities

7 known vulnerabilities affecting vonets/vap11ac.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH3

Vulnerabilities

Page 1 of 1
CVE-2024-37023P2CRITICALCVSS 9.9≤ 3.3.23.6.92024-08-12
CVE-2024-37023 [CRITICAL] CWE-77 CVE-2024-37023: Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters.
nvd
CVE-2024-42001P2CRITICALCVSS 9.8≤ 3.3.23.6.92024-08-12
CVE-2024-42001 [CRITICAL] CWE-425 CVE-2024-42001: An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session.
nvd
CVE-2024-41161P2CRITICALCVSS 9.8≤ 3.3.23.6.92024-08-08
CVE-2024-41161 [CRITICAL] CWE-798 CVE-2024-41161: Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled.
nvd
CVE-2024-39791P2CRITICALCVSS 9.8≤ 3.3.23.6.92024-08-12
CVE-2024-39791 [CRITICAL] CWE-121 CVE-2024-39791: Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays an Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code.
nvd
CVE-2024-29082P3HIGHCVSS 8.6≤ 3.3.23.6.92024-08-12
CVE-2024-29082 [HIGH] CWE-284 CVE-2024-29082: Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi brid Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints.
nvd
CVE-2024-41936P3HIGHCVSS 7.5≤ 3.3.23.6.92024-08-12
CVE-2024-41936 [HIGH] CWE-22 CVE-2024-41936: A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge r A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication.
nvd
CVE-2024-39815P3HIGHCVSS 7.5≤ 3.3.23.6.92024-08-12
CVE-2024-39815 [HIGH] CWE-703 CVE-2024-39815: Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. A specially-crafted HTTP request to pre-authentication resources can crash the service.
nvd
Vonets Vap11Ac vulnerabilities | cvebase