#VU95164 Direct Request ('Forced Browsing') in Vonets products


Vulnerability identifier: #VU95164

Vulnerability risk: High

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-42001

CWE-ID: CWE-425

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
VAR1200-H
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAR1200-L
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAR600-H
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAP11AC
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAP11G-500S
Hardware solutions / Routers & switches, VoIP, GSM, etc
VBG1200
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAP11S-5G
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAP11S
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAR11N-300
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAP11G-300
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAP11N-300
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAP11G
Hardware solutions / Routers & switches, VoIP, GSM, etc
VAP11G-500
Hardware solutions / Routers & switches, VoIP, GSM, etc
VGA-1000
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: Vonets

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to improper authentication. A remote attacker can send a specially crafted direct request when another user has an active session and bypass authentication.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

VAR1200-H: 3.3.23.6.9

VAR1200-L: 3.3.23.6.9

VAR600-H: 3.3.23.6.9

VAP11AC: 3.3.23.6.9

VAP11G-500S: 3.3.23.6.9

VBG1200: 3.3.23.6.9

VAP11S-5G: 3.3.23.6.9

VAP11S: 3.3.23.6.9

VAR11N-300: 3.3.23.6.9

VAP11G-300: 3.3.23.6.9

VAP11N-300: 3.3.23.6.9

VAP11G: 3.3.23.6.9

VAP11G-500: 3.3.23.6.9

VGA-1000: 3.3.23.6.9

External links
http://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Vonets WiFi Bridges