CVE-2024-25735 Scanner

Vulnerability Overview

The CVE-2024-25735 vulnerability exists in WyreStorm Apollo VX20 devices before version 1.3.58, allowing remote attackers to access cleartext credentials for the SoftAP Router via a simple HTTP GET request.

Vulnerability Details

This vulnerability stems from improper access control on the /device/config endpoint. Attackers can exploit this flaw to retrieve sensitive information, including cleartext credentials, directly affecting the confidentiality of the device's network settings.

Possible Effects

• Confidentiality Breach: Exposure of critical network configurations and credentials.
• Unauthorized Access: Potential for unauthorized access to the network, leading to further exploitations.

Why Choose SecurityForEveryone

SecurityForEveryone equips you with advanced vulnerability scanning solutions, including the CVE-2024-25735 Scanner, designed to detect and mitigate potential security flaws in your network infrastructure. Our platform offers:

• Comprehensive vulnerability assessment tailored to your specific security needs.
• Expert recommendations for effective remediation strategies.
• Continuous support and insights from cybersecurity professionals to bolster your defenses against evolving threats.

Join SecurityForEveryone to empower your cybersecurity posture with state-of-the-art scanning technology and expert guidance.

References

• WyreStorm Apollo VX20 Incorrect Access Control Advisory
• CVE-2024-25735 on Packet Storm Security