Vulnerability Details CVE-2024-25734
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 78.4%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2024-25734
-
cpe:2.3:h:wyrestorm:apollo_vx20:-
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:-
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.2.18
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.2.25
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.2.36
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.3.17
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.3.48