CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-29082 – Vonets WiFi Bridges Improper Access Control
https://notcve.org/view.php?id=CVE-2024-29082
Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08 • CWE-284: Improper Access Control •
CVSS: 8.7EPSS: 0%CPEs: 16EXPL: 0CVE-2024-41161 – Vonets WiFi Bridges Use of Hard-coded Credentials
https://notcve.org/view.php?id=CVE-2024-41161
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled. Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08 • CWE-798: Use of Hard-coded Credentials •