CVE-2024-25735 Scanner
Detects 'Information Disclosure' vulnerability in WyreStorm Apollo VX20 affects v. before 1.3.58.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month 2 days
Scan only one
URL
Toolbox
-
Vulnerability Overview
The CVE-2024-25735 vulnerability exists in WyreStorm Apollo VX20 devices before version 1.3.58, allowing remote attackers to access cleartext credentials for the SoftAP Router via a simple HTTP GET request.
Vulnerability Details
This vulnerability stems from improper access control on the /device/config
endpoint. Attackers can exploit this flaw to retrieve sensitive information, including cleartext credentials, directly affecting the confidentiality of the device's network settings.
Possible Effects
- Confidentiality Breach: Exposure of critical network configurations and credentials.
- Unauthorized Access: Potential for unauthorized access to the network, leading to further exploitations.
Why Choose S4E
S4E equips you with advanced vulnerability scanning solutions, including the CVE-2024-25735 Scanner, designed to detect and mitigate potential security flaws in your network infrastructure. Our platform offers:
- Comprehensive vulnerability assessment tailored to your specific security needs.
- Expert recommendations for effective remediation strategies.
- Continuous support and insights from cybersecurity professionals to bolster your defenses against evolving threats.
Join S4E to empower your cybersecurity posture with state-of-the-art scanning technology and expert guidance.