CVE-2024-39815 — CRITICAL (9.1)

Q: How severe is CVE-2024-39815?

CVE-2024-39815 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2024-39815?

Check the references section above for vendor advisories and patch information. Affected products include: Vonets Var1200-H Firmware, Vonets Var1200-H, Vonets Var1200-L Firmware, Vonets Var1200-L, Vonets Var600-H Firmware.

Vulnerability Description

Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of service. A specially-crafted HTTP request to pre-authentication resources can crash the service.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Vonets	Var1200-H Firmware	<= 3.3.23.6.9
Vonets	Var1200-H	-
Vonets	Var1200-L Firmware	<= 3.3.23.6.9
Vonets	Var1200-L	-
Vonets	Var600-H Firmware	<= 3.3.23.6.9
Vonets	Var600-H	-
Vonets	Vap11Ac Firmware	<= 3.3.23.6.9
Vonets	Vap11Ac	-
Vonets	Vap11G-500S Firmware	<= 3.3.23.6.9
Vonets	Vap11G-500S	-
Vonets	Vbg1200 Firmware	<= 3.3.23.6.9
Vonets	Vbg1200	-
Vonets	Vap11S-5G Firmware	<= 3.3.23.6.9
Vonets	Vap11S-5G	-
Vonets	Vap11S Firmware	<= 3.3.23.6.9
Vonets	Vap11S	-
Vonets	Var11N-300 Firmware	<= 3.3.23.6.9
Vonets	Var11N-300	-
Vonets	Vap11G-300 Firmware	<= 3.3.23.6.9
Vonets	Vap11G-300	-

Related Weaknesses (CWE)

CWE-703

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08Third Party AdvisoryUS Government Resource

FAQ

What is CVE-2024-39815?

CVE-2024-39815 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an una...

How severe is CVE-2024-39815?

CVE-2024-39815 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2024-39815?

Check the references section above for vendor advisories and patch information. Affected products include: Vonets Var1200-H Firmware, Vonets Var1200-H, Vonets Var1200-L Firmware, Vonets Var1200-L, Vonets Var600-H Firmware.