Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/11/17 6:4 a.m.12 views

CVE-2022-4985

Vodafone H500s devices running firmware v3.5.10 hardware model Sercomm VFH500 expose the WiFi access point password via an unauthenticated HTTP endpoint. By sending a crafted GET request to /data/activation.json with specific headers and cookies, a remote attacker can retrieve a JSON document tha...

8.7CVSS7.3AI score0.0045EPSS
Exploits0References1
NVD
NVD
added 2025/11/14 11:15 p.m.9 views

CVE-2022-4985

Vodafone H500s devices running firmware v3.5.10 hardware model Sercomm VFH500 expose the WiFi access point password via an unauthenticated HTTP endpoint. By sending a crafted GET request to /data/activation.json with specific headers and cookies, a remote attacker can retrieve a JSON document tha...

8.7CVSS0.0045EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/14 10:49 p.m.10 views

CVE-2022-4985 Vodafone H500s WiFi Password Disclosure via activation.json

Vodafone H500s devices running firmware v3.5.10 hardware model Sercomm VFH500 expose the WiFi access point password via an unauthenticated HTTP endpoint. By sending a crafted GET request to /data/activation.json with specific headers and cookies, a remote attacker can retrieve a JSON document tha...

8.7CVSS0.0045EPSS
Exploits0References4
CVE
CVE
added 2025/11/14 10:49 p.m.18 views

CVE-2022-4985

CVE-2022-4985 affects Vodafone H500s routers with firmware v3.5.10 (Sercomm VFH500). An unauthenticated HTTP GET to /data/activation.json with crafted headers/cookies discloses a JSON payload containing wifi_password, enabling remote attackers to obtain Wi‑Fi credentials and gain unauthorized net...

8.7CVSS6.9AI score0.0045EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.5 views

Vodafone H500s 安全漏洞

Vodafone H500s is a WiFi router from Vodafone UK. A security vulnerability exists in Vodafone H500s version v3.5.10 that originates from an unauthenticated HTTP endpoint exposing the WiFi password, which could lead to unauthorized access to the wireless network...

8.7CVSS6.7AI score0.0045EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/14 12:0 a.m.6 views

PT-2025-47023

Name of the Vulnerable Software and Affected Versions Vodafone H500s devices version 3.5.10 Description Vodafone H500s devices running firmware version 3.5.10 hardware model Sercomm VFH500 have an issue where the WiFi access point password is exposed through an unauthenticated HTTP endpoint. An...

8.7CVSS6.9AI score0.0045EPSS
Exploits0References7
Rows per page
Query Builder