Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions
3.3.23.6.9 and prior, enables an unauthenticated remote attacker to
bypass authentication using hard-coded administrator credentials. These
accounts cannot be disabled.
Metrics
Affected Vendors & Products
References
History
Tue, 20 Aug 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Vonets vap11ac
Vonets vap11g Vonets vap11g-300 Vonets vap11g-500 Vonets vap11g-500 Firmware Vonets vap11g-500s Vonets vap11n-300 Vonets vap11s Vonets vap11s-5g Vonets var11n-300 Vonets var1200-h Vonets var1200-l Vonets var600-h Vonets vbg1200 Vonets vga-1000 |
|
CPEs | cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Vonets vap11ac
Vonets vap11g Vonets vap11g-300 Vonets vap11g-500 Vonets vap11g-500 Firmware Vonets vap11g-500s Vonets vap11n-300 Vonets vap11s Vonets vap11s-5g Vonets var11n-300 Vonets var1200-h Vonets var1200-l Vonets var600-h Vonets vbg1200 Vonets vga-1000 |
Fri, 09 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Vonets
Vonets vap11ac Firmware Vonets vap11g-300 Firmware Vonets vap11g-500s Firmware Vonets vap11g Firmware Vonets vap11n-300 Firmware Vonets vap11s-5g Firmware Vonets vap11s Firmware Vonets var11n-300 Firmware Vonets var1200-h Firmware Vonets var1200-l Firmware Vonets var600-h Firmware Vonets vbg1200 Firmware Vonets vga-1000 Firmware |
|
CPEs | cpe:2.3:a:vonets:vap11ac_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11g_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11s_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var1200-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var1200-l_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var600-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vbg1200_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vga-1000_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Vonets
Vonets vap11ac Firmware Vonets vap11g-300 Firmware Vonets vap11g-500s Firmware Vonets vap11g Firmware Vonets vap11n-300 Firmware Vonets vap11s-5g Firmware Vonets vap11s Firmware Vonets var11n-300 Firmware Vonets var1200-h Firmware Vonets var1200-l Firmware Vonets var600-h Firmware Vonets vbg1200 Firmware Vonets vga-1000 Firmware |
|
Metrics |
ssvc
|
Thu, 08 Aug 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled. | Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled. |
Thu, 08 Aug 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled. | |
Title | Vonets WiFi Bridges Use of Hard-coded Credentials | |
Weaknesses | CWE-798 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2024-08-08T17:49:35.888Z
Updated: 2024-08-09T14:37:54.073Z
Reserved: 2024-07-30T16:15:10.064Z
Link: CVE-2024-41161
Vulnrichment
Updated: 2024-08-09T14:37:35.348Z
NVD
Status : Analyzed
Published: 2024-08-08T18:15:10.640
Modified: 2024-08-20T17:09:50.647
Link: CVE-2024-41161
Redhat
No data.