CVEDB API

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.069

EPSS Ranking 91.1%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2024-25736

Wyrestorm » Apollo Vx20 » Version: N/A

cpe:2.3:h:wyrestorm:apollo_vx20:-
Wyrestorm » Apollo Vx20 Firmware » Version: N/A

cpe:2.3:o:wyrestorm:apollo_vx20_firmware:-
Wyrestorm » Apollo Vx20 Firmware » Version: 1.2.18

cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.2.18
Wyrestorm » Apollo Vx20 Firmware » Version: 1.2.25

cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.2.25
Wyrestorm » Apollo Vx20 Firmware » Version: 1.2.36

cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.2.36
Wyrestorm » Apollo Vx20 Firmware » Version: 1.3.17

cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.3.17
Wyrestorm » Apollo Vx20 Firmware » Version: 1.3.48

cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.3.48