{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T02:44:33.132","vulnerabilities":[{"cve":{"id":"CVE-2024-41936","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2024-08-12T13:38:31.850","lastModified":"2024-08-20T16:26:54.663","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 \nand prior, enables an unauthenticated remote attacker to read arbitrary \nfiles and bypass authentication."},{"lang":"es","value":"Una vulnerabilidad de directory traversal que afecta a los relés de puente wifi industriales y a los repetidores de puente wifi de Vonets, versiones de software 3.3.23.6.9 y anteriores, permite a un atacante remoto no autenticado leer archivos arbitrarios y eludir la autenticación."}],"metrics":{"cvssMetricV40":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"94DAF720-5399-46A2-A9AB-3831045B86D2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:*","matchCriteriaId":"6D2E3C6A-6CC6-4954-B06C-3F023C964426"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"273874D4-43E0-44D4-AB4E-D66DE1F1B824"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:*","matchCriteriaId":"2C4B65A1-D625-4712-8311-685CA0A6438B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"ADCC4730-7801-485C-994F-DB7B942AA9F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:*","matchCriteriaId":"DB22B21B-526A-4119-9278-E84138D523E4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"C007C620-CAF2-436E-AAA9-C012CEFCEA3B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:*","matchCriteriaId":"21B9AA55-A333-4D10-A9D8-19558465F56E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"FDC4DF91-B718-4CFE-BEE7-4E9CFF121C01"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:*","matchCriteriaId":"C9EC2642-6A5B-4DA8-A675-B9F3CAD9B35E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"5BFA8106-50EE-428D-9297-930CE9CC99C1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:*","matchCriteriaId":"AE4D6B12-50A8-4314-AEDA-E3C669F772C9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"D95A2EE8-B22F-4671-8DF8-3757A335B006"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:*","matchCriteriaId":"66E94FE6-235A-46F0-81B0-DFF88C454BB1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"060B7C85-806D-45B3-8268-10AC5E475171"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:*","matchCriteriaId":"C434D025-8361-4C2D-AC7D-4E4A44237C27"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"3DFA50C3-2B3E-4755-98FB-63CED2CA7B8F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:*","matchCriteriaId":"95D5A3C0-8303-4E77-9DE1-75FD9DAED295"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"42E71F95-814C-4EDA-8647-B03CA6AAFDEB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:*","matchCriteriaId":"2B23375E-0E77-4423-AEDA-9A9F26052834"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"7018E246-D211-4366-8664-90B00E68AA74"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:*","matchCriteriaId":"ADE0116E-37B8-4E0A-8874-A59989712743"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"C9C1B20A-8F03-4C6E-8715-B68DBBBAFB97"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:*","matchCriteriaId":"F510F0DC-C170-45A3-989B-2FA8791B4FC1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"52909496-4BEB-43DB-80E3-F710BCA0CAA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:*","matchCriteriaId":"B61E3489-034E-4DD2-8699-477647462CF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.23.6.9","matchCriteriaId":"1FAF11BE-F3F4-4D40-9156-DDB2FFBF9470"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:*","matchCriteriaId":"DA90833B-D40E-42F0-8ECF-86C90E4511C4"}]}]}],"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]}]}}]}