CVE-2024-41936

Vonets WiFi Bridges Path Traversal

CVSS 8.7 HIGHEPSS 1.7%CWE-22

A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Produtos afetados

Vonets · VAP11AC Vonets · VAP11G Vonets · VAP11G-300 Vonets · VAP11G-500 Vonets · VAP11G-500S Vonets · VAP11N-300 Vonets · VAP11S Vonets · VAP11S-5G Vonets · VAR11N-300 Vonets · VAR1200-H Vonets · VAR1200-L Vonets · VAR600-H Vonets · VBG1200 Vonets · VGA-1000

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08