Filtered by vendor Vonets
Subscriptions
Filtered by product Vap11g-300 Firmware
Subscriptions
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-46327 | 1 Vonets | 1 Vap11g-300 Firmware | 2024-09-30 | 5.7 Medium |
| An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access sensitive files via a directory traversal. | ||||
| CVE-2024-46329 | 1 Vonets | 1 Vap11g-300 Firmware | 2024-09-30 | 8 High |
| VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the SystemCommand object. | ||||
| CVE-2024-46330 | 1 Vonets | 1 Vap11g-300 Firmware | 2024-09-30 | 7.4 High |
| VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the iptablesWebsFilterRun object. | ||||
| CVE-2024-46328 | 1 Vonets | 1 Vap11g-300 Firmware | 2024-09-30 | 8 High |
| VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root. | ||||
| CVE-2024-41936 | 1 Vonets | 28 Vap11ac, Vap11ac Firmware, Vap11g and 25 more | 2024-08-21 | 7.5 High |
| A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication. | ||||
| CVE-2024-39791 | 1 Vonets | 28 Vap11ac, Vap11ac Firmware, Vap11g and 25 more | 2024-08-21 | 10 Critical |
| Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code. | ||||
| CVE-2024-42001 | 1 Vonets | 28 Vap11ac, Vap11ac Firmware, Vap11g and 25 more | 2024-08-21 | 8.6 High |
| An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session. | ||||
| CVE-2024-39815 | 1 Vonets | 28 Vap11ac, Vap11ac Firmware, Vap11g and 25 more | 2024-08-21 | 9.1 Critical |
| Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. A specially-crafted HTTP request to pre-authentication resources can crash the service. | ||||
| CVE-2024-37023 | 1 Vonets | 28 Vap11ac, Vap11ac Firmware, Vap11g and 25 more | 2024-08-21 | 9.1 Critical |
| Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters. | ||||
| CVE-2024-29082 | 1 Vonets | 28 Vap11ac, Vap11ac Firmware, Vap11g and 25 more | 2024-08-21 | 8.6 High |
| Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. | ||||
| CVE-2024-41161 | 1 Vonets | 28 Vap11ac, Vap11ac Firmware, Vap11g and 25 more | 2024-08-20 | 7.5 High |
| Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled. | ||||
Page 1 of 1.