An improper authentication vulnerability affecting Vonets
industrial wifi bridge relays and wifi bridge repeaters, software versions
3.3.23.6.9 and prior enables an unauthenticated remote attacker to
bypass authentication via a specially crafted direct request when
another user has an active session.
Metrics
Affected Vendors & Products
References
History
Wed, 21 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11g_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11s_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var1200-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var1200-l_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var600-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vbg1200_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vga-1000_firmware:*:*:*:*:*:*:*:* |
Tue, 20 Aug 2024 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Vonets vap11ac
Vonets vap11g Vonets vap11g-300 Vonets vap11g-500 Vonets vap11g-500 Firmware Vonets vap11g-500s Vonets vap11n-300 Vonets vap11s Vonets vap11s-5g Vonets var11n-300 Vonets var1200-h Vonets var1200-l Vonets var600-h Vonets vbg1200 Vonets vga-1000 |
|
CPEs | cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:* cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Vonets vap11ac
Vonets vap11g Vonets vap11g-300 Vonets vap11g-500 Vonets vap11g-500 Firmware Vonets vap11g-500s Vonets vap11n-300 Vonets vap11s Vonets vap11s-5g Vonets var11n-300 Vonets var1200-h Vonets var1200-l Vonets var600-h Vonets vbg1200 Vonets vga-1000 |
Fri, 09 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Vonets
Vonets vap11ac Firmware Vonets vap11g-300 Firmware Vonets vap11g-500s Firmware Vonets vap11g Firmware Vonets vap11n-300 Firmware Vonets vap11s-5g Firmware Vonets vap11s Firmware Vonets var11n-300 Firmware Vonets var1200-h Firmware Vonets var1200-l Firmware Vonets var600-h Firmware Vonets vbg1200 Firmware Vonets vga-1000 Firmware |
|
CPEs | cpe:2.3:a:vonets:vap11ac_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11g_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vap11s_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var11n-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var1200-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var1200-l_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:var600-h_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vbg1200_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vonets:vga-1000_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Vonets
Vonets vap11ac Firmware Vonets vap11g-300 Firmware Vonets vap11g-500s Firmware Vonets vap11g Firmware Vonets vap11n-300 Firmware Vonets vap11s-5g Firmware Vonets vap11s Firmware Vonets var11n-300 Firmware Vonets var1200-h Firmware Vonets var1200-l Firmware Vonets var600-h Firmware Vonets vbg1200 Firmware Vonets vga-1000 Firmware |
|
Metrics |
ssvc
|
Thu, 08 Aug 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session. | |
Title | Vonets WiFi Bridges Forced Browsing | |
Weaknesses | CWE-425 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2024-08-08T19:39:49.024Z
Updated: 2024-08-21T20:04:53.127Z
Reserved: 2024-07-30T16:15:10.118Z
Link: CVE-2024-42001
Vulnrichment
Updated: 2024-08-09T14:41:21.390Z
NVD
Status : Analyzed
Published: 2024-08-12T13:38:32.140
Modified: 2024-08-20T16:37:05.447
Link: CVE-2024-42001
Redhat
No data.