S4E

CVE-2024-25735 Scanner

Detects 'Information Disclosure' vulnerability in WyreStorm Apollo VX20 affects v. before 1.3.58.

Short Info


Level

High

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

1 month 2 days

Scan only one

URL

Toolbox

-

Vulnerability Overview

The CVE-2024-25735 vulnerability exists in WyreStorm Apollo VX20 devices before version 1.3.58, allowing remote attackers to access cleartext credentials for the SoftAP Router via a simple HTTP GET request.

Vulnerability Details

This vulnerability stems from improper access control on the /device/config endpoint. Attackers can exploit this flaw to retrieve sensitive information, including cleartext credentials, directly affecting the confidentiality of the device's network settings.

Possible Effects

  • Confidentiality Breach: Exposure of critical network configurations and credentials.
  • Unauthorized Access: Potential for unauthorized access to the network, leading to further exploitations.

Why Choose S4E

S4E equips you with advanced vulnerability scanning solutions, including the CVE-2024-25735 Scanner, designed to detect and mitigate potential security flaws in your network infrastructure. Our platform offers:

  • Comprehensive vulnerability assessment tailored to your specific security needs.
  • Expert recommendations for effective remediation strategies.
  • Continuous support and insights from cybersecurity professionals to bolster your defenses against evolving threats.

Join S4E to empower your cybersecurity posture with state-of-the-art scanning technology and expert guidance.

References

Get started to protecting your Free Full Security Scan