Lucene search

[email protected]CVE-2008-1262

HistoryMar 10, 2008 - 5:44 p.m.

CVE-2008-1262

2008-03-1017:44:00

CWE-287

[email protected]

web.nvd.nist.gov

cve-2008-1262

airspan

wimax

prost

firmware

authentication

remote attackers

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.129 Low

EPSS

Percentile

95.5%

JSON

The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not verify authentication credentials, which allows remote attackers to (1) upload malformed firmware or (2) bind the antenna to a different WiMAX base station via unspecified requests to forms under process_adv/.

Affected configurations

NVD

Node

airspanwimax_prostMatch4.16.5.38.0

CPENameOperatorVersion
airspan:wimax_prostairspan wimax prosteq4.1

CPE	Name	Operator	Version
airspan:wimax_prost	airspan wimax prost	eq	4.1

References

airspan4wimax.googlepages.com/

secunia.com/advisories/29265

www.0x000000.com/?i=524

www.gnucitizen.org/projects/router-hacking-challenge/

www.kb.cert.org/vuls/id/248372

www.securityfocus.com/archive/1/489009/100/0/threaded

www.securityfocus.com/bid/28122

www.sharemethods.net/nepal/servlet/open?keeppath=false&aid=29820

www.vupen.com/english/advisories/2008/0802/references

exchange.xforce.ibmcloud.com/vulnerabilities/41052

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.129 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2008-1262

cvelist3 prion3 nvd3 cert1 cve2