Vap11g 300 Firmware

vap11g-300_firmware

Vendor: Vonets • 11 CVEs

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-46330 1Vonets 1Vap11g 300 Firmware Jun 4, 2025 Sep 26, 2024 N/A· v4 7.4 HIGH· v3 N/A· v2 VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the iptablesWebsFilterRun object.
CVE-2024-46329 1Vonets 1Vap11g 300 Firmware May 29, 2025 Sep 26, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the SystemCommand object.
CVE-2024-46328 1Vonets 1Vap11g 300 Firmware May 29, 2025 Sep 26, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several different privileged accounts, including root.
CVE-2024-46327 1Vonets 1Vap11g 300 Firmware Jun 24, 2025 Sep 26, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access sensitive files via a directory traversal.
CVE-2024-42001 1Vonets 14Vap11ac Firmware Vap11g 300 FirmwareVap11g 500 Firmware+11 more Aug 20, 2024 Aug 12, 2024 6.1 MEDIUM· v4 9.8 CRITICAL· v3 N/A· v2 An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass au...Show more An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session.Show less
CVE-2024-41936 1Vonets 14Vap11ac Firmware Vap11g 300 FirmwareVap11g 500 Firmware+11 more Aug 20, 2024 Aug 12, 2024 8.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files a...Show more A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication.Show less
CVE-2024-39815 1Vonets 14Vap11ac Firmware Vap11g 300 FirmwareVap11g 500 Firmware+11 more Aug 20, 2024 Aug 12, 2024 9.4 CRITICAL· v4 7.5 HIGH· v3 N/A· v2 Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote...Show more Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. A specially-crafted HTTP request to pre-authentication resources can crash the service.Show less
CVE-2024-39791 1Vonets 14Vap11ac Firmware Vap11g 300 FirmwareVap11g 500 Firmware+11 more Aug 20, 2024 Aug 12, 2024 10.0 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute...Show more Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code.Show less
CVE-2024-37023 1Vonets 14Vap11ac Firmware Vap11g 300 FirmwareVap11g 500 Firmware+11 more Aug 20, 2024 Aug 12, 2024 9.4 CRITICAL· v4 9.9 CRITICAL· v3 N/A· v2 Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbi...Show more Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters.Show less
CVE-2024-29082 1Vonets 14Vap11ac Firmware Vap11g 300 FirmwareVap11g 500 Firmware+11 more Aug 20, 2024 Aug 12, 2024 8.8 HIGH· v4 8.6 HIGH· v3 N/A· v2 Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authenticat...Show more Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints.Show less
CVE-2024-41161 1Vonets 14Vap11ac Firmware Vap11g 300 FirmwareVap11g 500 Firmware+11 more Aug 20, 2024 Aug 8, 2024 8.7 HIGH· v4 9.8 CRITICAL· v3 N/A· v2 Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authent...Show more Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled.Show less