CVE-2024-39791
12.08.2024, 13:38
Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code.Enginsight
| Vendor | Product | Version |
|---|---|---|
| vonets | var1200-h_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | var1200-l_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | var600-h_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | vap11ac_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | vap11g-500s_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | vbg1200_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | vap11s-5g_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | vap11s_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | var11n-300_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | vap11g-300_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | vap11n-300_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | vap11g_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | vap11g-500_firmware | 𝑥 ≤ 3.3.23.6.9 |
| vonets | vga-1000_firmware | 𝑥 ≤ 3.3.23.6.9 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-121 - Stack-based Buffer OverflowA stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.