CVE-2024-25735

CRITICAL EXPLOITED NUCLEI

WyreStorm Apollo VX20 - Information Disclosure

Title source: nuclei
STIX 2.1

Exploitation Summary

CVE-2024-25735 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including hyp3rlinx. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit demonstrates an incorrect access control vulnerability in WyreStorm Apollo VX20 devices before 1.3.58, allowing remote attackers to retrieve cleartext credentials via an HTTP GET request to the /device/config endpoint.

Description

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request.

Exploits (1)

exploitdb WORKING POC
by hyp3rlinx · textremotemultiple
https://www.exploit-db.com/exploits/51816

This exploit demonstrates an incorrect access control vulnerability in WyreStorm Apollo VX20 devices before 1.3.58, allowing remote attackers to retrieve cleartext credentials via an HTTP GET request to the /device/config endpoint.

Classification
Working Poc 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: WyreStorm Apollo VX20 < 1.3.58
No auth needed
Prerequisites: Network access to the target device
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

WyreStorm Apollo VX20 - Information Disclosure
HIGHVERIFIEDby johnk3r
Shodan: ssl:"WyreStorm Apollo VX20" || ssl:"wyrestorm apollo vx20"

References (3)

Core 3

Scores

CVSS v3 9.1
EPSS 0.9036
EPSS Percentile 99.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

VulnCheck KEV 2024-03-03
CWE
CWE-319
Status published
Products (1)
wyrestorm/apollo_vx20_firmware < 1.3.58
Published Mar 27, 2024
Tracked Since Feb 18, 2026