vonets 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は パス処理の欠陥、バッファオーバーフロー, and vendor risk memory corruption に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で ファイル上書き and アプリケーションクラッシュ などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-46330 | VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the iptablesWebsFilterRun object. | [email protected] | 7.4 | 0.18% | 2024-09-26 | 2025-06-04 |
| CVE-2024-46329 | VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the SystemCommand object. | [email protected] | 8.0 | 0.11% | 2024-09-26 | 2025-05-29 |
| CVE-2024-46328 | VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root. | [email protected] | 8.0 | 0.06% | 2024-09-26 | 2025-05-29 |
| CVE-2024-46327 | An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access sensitive files via a directory traversal. | [email protected] | 5.7 | 0.07% | 2024-09-26 | 2025-06-24 |
| CVE-2024-42001 | An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session. | [email protected] | 6.1 | 0.17% | 2024-08-12 | 2024-08-20 |
| CVE-2024-41936 | A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication. | [email protected] | 8.7 | 0.19% | 2024-08-12 | 2024-08-20 |
| CVE-2024-39815 | Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. A specially-crafted HTTP request to pre-authentication resources can crash the service. | [email protected] | 9.4 | 0.78% | 2024-08-12 | 2024-08-20 |
| CVE-2024-39791 | Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code. | [email protected] | 10.0 | 3.21% | 2024-08-12 | 2024-08-20 |
| CVE-2024-37023 | Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters. | [email protected] | 9.4 | 0.69% | 2024-08-12 | 2024-08-20 |
| CVE-2024-29082 | Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. | [email protected] | 8.8 | 0.06% | 2024-08-12 | 2024-08-20 |
| CVE-2024-41161 | Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled. | [email protected] | 8.7 | 0.10% | 2024-08-08 | 2024-08-20 |