Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Var1200\-H_firmware
(Vonets)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 7 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-08-08 | CVE-2024-41161 | Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled. | Vap11ac_firmware, Vap11g\-300_firmware, Vap11g\-500_firmware, Vap11g\-500s_firmware, Vap11g_firmware, Vap11n\-300_firmware, Vap11s\-5g_firmware, Vap11s_firmware, Var11n\-300_firmware, Var1200\-H_firmware, Var1200\-L_firmware, Var600\-H_firmware, Vbg1200_firmware, Vga\-1000_firmware | 9.8 | ||
| 2024-08-12 | CVE-2024-29082 | Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. | Vap11ac_firmware, Vap11g\-300_firmware, Vap11g\-500_firmware, Vap11g\-500s_firmware, Vap11g_firmware, Vap11n\-300_firmware, Vap11s\-5g_firmware, Vap11s_firmware, Var11n\-300_firmware, Var1200\-H_firmware, Var1200\-L_firmware, Var600\-H_firmware, Vbg1200_firmware, Vga\-1000_firmware | 8.6 | ||
| 2024-08-12 | CVE-2024-37023 | Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters. | Vap11ac_firmware, Vap11g\-300_firmware, Vap11g\-500_firmware, Vap11g\-500s_firmware, Vap11g_firmware, Vap11n\-300_firmware, Vap11s\-5g_firmware, Vap11s_firmware, Var11n\-300_firmware, Var1200\-H_firmware, Var1200\-L_firmware, Var600\-H_firmware, Vbg1200_firmware, Vga\-1000_firmware | 9.9 | ||
| 2024-08-12 | CVE-2024-39815 | Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. A specially-crafted HTTP request to pre-authentication resources can crash the service. | Vap11ac_firmware, Vap11g\-300_firmware, Vap11g\-500_firmware, Vap11g\-500s_firmware, Vap11g_firmware, Vap11n\-300_firmware, Vap11s\-5g_firmware, Vap11s_firmware, Var11n\-300_firmware, Var1200\-H_firmware, Var1200\-L_firmware, Var600\-H_firmware, Vbg1200_firmware, Vga\-1000_firmware | 7.5 | ||
| 2024-08-12 | CVE-2024-41936 | A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication. | Vap11ac_firmware, Vap11g\-300_firmware, Vap11g\-500_firmware, Vap11g\-500s_firmware, Vap11g_firmware, Vap11n\-300_firmware, Vap11s\-5g_firmware, Vap11s_firmware, Var11n\-300_firmware, Var1200\-H_firmware, Var1200\-L_firmware, Var600\-H_firmware, Vbg1200_firmware, Vga\-1000_firmware | 7.5 | ||
| 2024-08-12 | CVE-2024-42001 | An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session. | Vap11ac_firmware, Vap11g\-300_firmware, Vap11g\-500_firmware, Vap11g\-500s_firmware, Vap11g_firmware, Vap11n\-300_firmware, Vap11s\-5g_firmware, Vap11s_firmware, Var11n\-300_firmware, Var1200\-H_firmware, Var1200\-L_firmware, Var600\-H_firmware, Vbg1200_firmware, Vga\-1000_firmware | 9.8 | ||
| 2024-08-12 | CVE-2024-39791 | Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code. | Vap11ac_firmware, Vap11g\-300_firmware, Vap11g\-500_firmware, Vap11g\-500s_firmware, Vap11g_firmware, Vap11n\-300_firmware, Vap11s\-5g_firmware, Vap11s_firmware, Var11n\-300_firmware, Var1200\-H_firmware, Var1200\-L_firmware, Var600\-H_firmware, Vbg1200_firmware, Vga\-1000_firmware | 9.8 |