Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

N/A

Source -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
0Vulnerabilities found
CVE-2024-25734
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.23% / 83.84%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 00:00
Updated-28 May, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts.

Action-Not Available
Vendor-wyrestormn/a
Product-apollo_vx20_firmwareapollo_vx20n/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-25735
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-90.72% / 99.60%
||
7 Day CHG-0.63%
Published-27 Mar, 2024 | 00:00
Updated-28 May, 2025 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request.

Action-Not Available
Vendor-wyrestormn/awyrestorm
Product-apollo_vx20_firmwareapollo_vx20n/aapollo_vx20
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2024-25736
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.79% / 90.93%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 00:00
Updated-28 May, 2025 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request.

Action-Not Available
Vendor-wyrestormn/awyrestorm
Product-apollo_vx20_firmwareapollo_vx20n/aapollo_vx20
CWE ID-CWE-284
Improper Access Control