GCVE - cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*

part: o version: * update: *

Vendor	Vonets (`e6676fa3-6026-54e5-aa9d-79f3f94bb0bc`)
Product	Vap11G 300 Firmware (`f896020d-a802-561d-bed8-cf1016642754`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-42001`	vulnerable	2026-06-03 14:56:35.693702	Vonets WiFi Bridges Forced Browsing HIGH (8.6) An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session. Published: 2024-08-08T19:39:49.024Z Updated: 2024-08-21T20:04:53.127Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41936`	vulnerable	2026-06-03 14:56:35.454602	Vonets WiFi Bridges Path Traversal HIGH (7.5) A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication. Published: 2024-08-08T19:27:19.585Z Updated: 2024-08-21T20:05:27.996Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41161`	vulnerable	2026-06-03 14:56:34.165520	Vonets WiFi Bridges Use of Hard-coded Credentials HIGH (7.5) Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled. Published: 2024-08-08T17:49:35.888Z Updated: 2024-08-09T14:37:54.073Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-39815`	vulnerable	2026-06-03 14:56:22.485196	Vonets WiFi Bridges Improper Check or Handling of Exceptional Conditions CRITICAL (9.1) Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. A specially-crafted HTTP request to pre-authentication resources can crash the service. Published: 2024-08-08T19:33:35.137Z Updated: 2024-08-21T20:04:38.205Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-39791`	vulnerable	2026-06-03 14:56:22.441682	Vonets WiFi Bridges Stack-based Buffer Overflow CRITICAL (10) Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code. Published: 2024-08-08T19:36:17.337Z Updated: 2024-08-21T20:05:07.240Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-37023`	vulnerable	2026-06-03 14:56:05.460325	Vonets WiFi Bridges Command Injection CRITICAL (9.1) Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters. Published: 2024-08-08T19:30:40.496Z Updated: 2024-08-21T20:04:21.492Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-29082`	vulnerable	2026-06-03 14:55:26.786776	Vonets WiFi Bridges Improper Access Control HIGH (8.6) Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. Published: 2024-08-08T19:23:23.133Z Updated: 2024-08-21T20:03:57.401Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.