CVE-2024-37023

Name of the Vulnerable Software and Affected Versions Vonets industrial wifi bridge relays and wifi bridge repeaters versions 3.3.23.6.9 and prior

Description The issue is related to OS command injection vulnerabilities that enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters. This could allow a remote attacker to perform unauthorized actions.

Recommendations For versions 3.3.23.6.9 and prior, consider disabling access to vulnerable endpoint parameters until a patch is available. Restrict access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.