Wyrestorm Apollo Vx20 Firmware vulnerabilities
3 known vulnerabilities affecting wyrestorm/apollo_vx20_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2024-25735P1CRITICALCVSS 9.1ExploitedPoCfixed in 1.3.582024-03-27
CVE-2024-25735 [CRITICAL] CWE-319 CVE-2024-25735: An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discove
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request.
nvd
CVE-2024-25736P3HIGHCVSS 7.5PoCfixed in 1.3.582024-03-27
CVE-2024-25736 [HIGH] CWE-284 CVE-2024-25736: An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request.
nvd
CVE-2024-25734P3HIGHCVSS 7.5PoCfixed in 1.3.582024-03-27
CVE-2024-25734 [HIGH] CWE-200 CVE-2024-25734: An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts f
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts.
nvd