An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| wyrestorm | apollo_vx20_firmware | * |
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| wyrestorm | apollo_vx20_firmware | * |
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| wyrestorm | apollo_vx20_firmware | * |