An Improper Authentication vulnerability in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters allows unauthenticated remote attackers to bypass authentication when another user maintains an active session. The vulnerability affects software versions 3.3.23.6.9 and prior across 14 product models. An attacker can exploit this by sending a specially crafted direct request to the device, gaining [truncated]
A directory traversal vulnerability in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters allows unauthenticated remote attackers to read arbitrary files and bypass authentication. The vulnerability affects software versions 3.3.23.6.9 and prior across 14 distinct product models. CISA published this advisory on August 1, 2024, and noted that Vonets has not responded to coordination requests fo [truncated]
A Use of Hard-coded Credentials vulnerability in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters allows unauthenticated remote attackers to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled, leaving affected devices exposed to unauthorized administrative access until firmware remediation is available.
Multiple OS command injection vulnerabilities in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters allow authenticated remote attackers to execute arbitrary OS commands via various endpoint parameters. The vulnerabilities affect software versions 3.3.23.6.9 and prior across 14 product models. CISA published this advisory on August 1, 2024, and assigned a CVSS 3.1 score of 9.1 (Critical). Vonet [truncated]
An Improper Access Control vulnerability in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters allows unauthenticated remote attackers to bypass authentication and perform factory resets via unprotected goform endpoints. The vulnerability affects software versions 3.3.23.6.9 and prior across 14 distinct product models. CISA published this advisory on August 1, 2024, and noted that Vonets has n [truncated]