Lucene search

[email protected]CVE-2018-6387

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2018-6387

2022-10-0316:21:46

CWE-798

[email protected]

web.nvd.nist.gov

cve-2018-6387

iball ib-wra150n

hardcoded password

admin account

support account

user account

nvd

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.3%

JSON

iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.

Affected configurations

NVD

Node

iballib-wra150n_firmwareMatch1.2.6

AND

iballib-wra150nMatch-

CPENameOperatorVersion
iball:ib-wra150n_firmwareiball ib-wra150n firmwareeq1.2.6

CPE	Name	Operator	Version
iball:ib-wra150n_firmware	iball ib-wra150n firmware	eq	1.2.6

References

blogs.securiteam.com/index.php/archives/3654

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.3%

JSON

Related for CVE-2018-6387

nvd1 prion1 cvelist1