Vonets Vap11Ac vulnerabilities
7 known vulnerabilities affecting vonets/vap11ac.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH3
Vulnerabilities
Page 1 of 1
CVE-2024-37023P2CRITICALCVSS 9.9≤ 3.3.23.6.92024-08-12
CVE-2024-37023 [CRITICAL] CWE-77 CVE-2024-37023: Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and
Multiple OS command injection vulnerabilities affecting Vonets
industrial wifi bridge relays and wifi bridge repeaters, software
versions 3.3.23.6.9 and prior, enable an authenticated remote attacker
to execute arbitrary OS commands via various endpoint parameters.
nvd
CVE-2024-42001P2CRITICALCVSS 9.8≤ 3.3.23.6.92024-08-12
CVE-2024-42001 [CRITICAL] CWE-425 CVE-2024-42001: An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and
An improper authentication vulnerability affecting Vonets
industrial wifi bridge relays and wifi bridge repeaters, software versions
3.3.23.6.9 and prior enables an unauthenticated remote attacker to
bypass authentication via a specially crafted direct request when
another user has an active session.
nvd
CVE-2024-41161P2CRITICALCVSS 9.8≤ 3.3.23.6.92024-08-08
CVE-2024-41161 [CRITICAL] CWE-798 CVE-2024-41161: Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions
3.3.23.6.9 and prior, enables an unauthenticated remote attacker to
bypass authentication using hard-coded administrator credentials. These
accounts cannot be disabled.
nvd
CVE-2024-39791P2CRITICALCVSS 9.8≤ 3.3.23.6.92024-08-12
CVE-2024-39791 [CRITICAL] CWE-121 CVE-2024-39791: Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays an
Stack-based buffer overflow vulnerabilities affecting Vonets
industrial wifi bridge relays and wifi bridge repeaters, software versions
3.3.23.6.9 and prior, enable an unauthenticated remote attacker to
execute arbitrary code.
nvd
CVE-2024-29082P3HIGHCVSS 8.6≤ 3.3.23.6.92024-08-12
CVE-2024-29082 [HIGH] CWE-284 CVE-2024-29082: Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi brid
Improper access control vulnerability affecting Vonets
industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9
and prior, enables an unauthenticated remote attacker to bypass
authentication and factory reset the device via unprotected goform
endpoints.
nvd
CVE-2024-41936P3HIGHCVSS 7.5≤ 3.3.23.6.92024-08-12
CVE-2024-41936 [HIGH] CWE-22 CVE-2024-41936: A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge r
A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9
and prior, enables an unauthenticated remote attacker to read arbitrary
files and bypass authentication.
nvd
CVE-2024-39815P3HIGHCVSS 7.5≤ 3.3.23.6.92024-08-12
CVE-2024-39815 [HIGH] CWE-703 CVE-2024-39815: Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial
Improper check or handling of exceptional conditions vulnerability
affecting Vonets
industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated
remote attacker to cause a denial of service. A specially-crafted
HTTP request to pre-authentication resources can crash the service.
nvd