Improper access control vulnerability affecting Vonets
industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9
and prior, enables an unauthenticated remote attacker to bypass
authentication and factory reset the device via unprotected goform
endpoints.
Metrics
Affected Vendors & Products
References
History
Wed, 21 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 20 Aug 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Vonets
Vonets vap11ac Vonets vap11ac Firmware Vonets vap11g Vonets vap11g-300 Vonets vap11g-300 Firmware Vonets vap11g-500 Vonets vap11g-500 Firmware Vonets vap11g-500s Vonets vap11g-500s Firmware Vonets vap11g Firmware Vonets vap11n-300 Vonets vap11n-300 Firmware Vonets vap11s Vonets vap11s-5g Vonets vap11s-5g Firmware Vonets vap11s Firmware Vonets var11n-300 Vonets var11n-300 Firmware Vonets var1200-h Vonets var1200-h Firmware Vonets var1200-l Vonets var1200-l Firmware Vonets var600-h Vonets var600-h Firmware Vonets vbg1200 Vonets vbg1200 Firmware Vonets vga-1000 Vonets vga-1000 Firmware |
|
CPEs | cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Vonets
Vonets vap11ac Vonets vap11ac Firmware Vonets vap11g Vonets vap11g-300 Vonets vap11g-300 Firmware Vonets vap11g-500 Vonets vap11g-500 Firmware Vonets vap11g-500s Vonets vap11g-500s Firmware Vonets vap11g Firmware Vonets vap11n-300 Vonets vap11n-300 Firmware Vonets vap11s Vonets vap11s-5g Vonets vap11s-5g Firmware Vonets vap11s Firmware Vonets var11n-300 Vonets var11n-300 Firmware Vonets var1200-h Vonets var1200-h Firmware Vonets var1200-l Vonets var1200-l Firmware Vonets var600-h Vonets var600-h Firmware Vonets vbg1200 Vonets vbg1200 Firmware Vonets vga-1000 Vonets vga-1000 Firmware |
Thu, 08 Aug 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper access control vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. | Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. |
Thu, 08 Aug 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper access control vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. | |
Title | Vonets WiFi Bridges Improper Access Control | |
Weaknesses | CWE-284 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2024-08-08T19:23:23.133Z
Updated: 2024-08-21T20:03:57.401Z
Reserved: 2024-07-30T16:15:10.076Z
Link: CVE-2024-29082
Vulnrichment
Updated: 2024-08-09T14:43:18.531Z
NVD
Status : Analyzed
Published: 2024-08-12T13:38:18.050
Modified: 2024-08-20T17:11:31.787
Link: CVE-2024-29082
Redhat
No data.