Vulnerabilities > Vonets
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-29082 | Improper Access Control vulnerability in Vonets products Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. | 8.6 |
| 2024-08-12 | CVE-2024-37023 | Command Injection vulnerability in Vonets products Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters. | 9.9 |
| 2024-08-12 | CVE-2024-39791 | Out-of-bounds Write vulnerability in Vonets products Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code. | 9.8 |
| 2024-08-12 | CVE-2024-39815 | Unspecified vulnerability in Vonets products Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. | 7.5 |
| 2024-08-12 | CVE-2024-41936 | Path Traversal vulnerability in Vonets products A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication. | 7.5 |
| 2024-08-12 | CVE-2024-42001 | Forced Browsing vulnerability in Vonets products An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session. | 9.8 |
| 2024-08-08 | CVE-2024-41161 | Use of Hard-coded Credentials vulnerability in Vonets products Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. | 9.8 |