CVE-2024-41936

Name of the Vulnerable Software and Affected Versions Vonets industrial wifi bridge relays and wifi bridge repeaters versions 3.3.23.6.9 and prior

Description A directory traversal vulnerability enables an unauthenticated remote attacker to read arbitrary files and bypass authentication. The issue arises from an input validation error when processing directory traversal sequences, allowing an attacker to exploit the vulnerability using a specially crafted HTTP request.

Recommendations For versions 3.3.23.6.9 and prior, update to a version that fixes the directory traversal vulnerability. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation. Avoid using the vulnerable software until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.