CVE-2018-20008

2019-05-2820:03:27

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.4%

JSON

iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console.

References

payatu.com/ibaton-routers-responsible-disclosure/

www.iball.co.in/Category/Baton/283