Authentication flaw

2017-09-1719:29:00

PRIOn knowledge base

www.prio-n.com

AI Score

9.6

Confidence

High

EPSS

0.028

Percentile

90.7%

JSON

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.

CPENameOperatorVersion
ib-wra150n_firmwareeqfwiblr7011a1.0.2

CPE	Name	Operator	Version
	ib-wra150n_firmware	eq	fwiblr7011a1.0.2

References

www.exploit-db.com/exploits/42740/

www.techipick.com/iball-baton-adsl2-home-router-utstar-wa3002g4-adsl-broadband-modem-authentication-bypass