Описание
A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9
and prior, enables an unauthenticated remote attacker to read arbitrary
files and bypass authentication.
Затрагиваемое ПО
Vonets Var1200-h firmwareVonets Var1200-hVonets Var1200-l firmwareVonets Var1200-lVonets Var600-h firmwareVonets Var600-hVonets Vap11ac firmwareVonets Vap11acVonets Vap11g-500s firmwareVonets Vap11g-500sVonets Vbg1200 firmwareVonets Vbg1200Vonets Vap11s-5g firmwareVonets Vap11s-5gVonets Vap11s firmwareVonets Vap11sVonets Var11n-300 firmwareVonets Var11n-300Vonets Vap11g-300 firmwareVonets Vap11g-300Vonets Vap11n-300 firmwareVonets Vap11n-300Vonets Vap11g firmwareVonets Vap11gVonets Vap11g-500 firmware
CVSS
| Балл | 7.5 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Источники
https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08