PT-2024-5763 · Vonets · Vonets Industrial Wifi Bridge Relays +1

Wodzen · Published 2024-08-01 · Updated 2024-08-20 · CVE-2024-29082

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C

Name of the Vulnerable Software and Affected Versions

Vonets industrial wifi bridge relays and wifi bridge repeaters versions 3.3.23.6.9 and prior

Description

The issue is related to improper access control, allowing an unauthenticated remote attacker to bypass authentication and factory reset the device via unprotected goform endpoints. This enables the attacker to reset the device to its factory settings, potentially leading to unauthorized access or control.

Recommendations

For versions 3.3.23.6.9 and prior, consider disabling access to the goform endpoints as a temporary workaround until a patch is available. Restricting access to these endpoints can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Access Control

Related Identifiers

BDU:2024-06476
CVE-2024-29082

Affected Products

Vonets Industrial Wifi Bridge Relays
Vonets Wifi Bridge Repeaters