Lucene search
K

15 matches found

CNVD
CNVD
added 2017/05/23 12:0 a.m.4 views

Mimosa Client Radios and Mimosa Backhaul Radios Denial of Service Vulnerabilities

Mimosa Client Radios and Mimosa Backhaul Radios are both products of Mimosa Networks, Inc.Mimosa Client Radios is a hypervisor for the client devices of the Mimosa multipoint solution.Mimosa Backhaul Radios is Mimosa Backhaul Radios is a management program for broadband backhaul devices. A denial...

7.5CVSS7.2AI score0.02577EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/23 12:0 a.m.5 views

Unspecified Vulnerability in Mimosa Client Radios and Mimosa Backhaul Radios (CNVD-2017-08182)

Mimosa Client Radios and Mimosa Backhaul Radios are both products of Mimosa Networks, Inc.Mimosa Client Radios is a hypervisor for the client devices of the Mimosa multipoint solution.Mimosa Backhaul Radios is Mimosa Backhaul Radios is a management program for broadband backhaul devices. A securi...

9CVSS7.2AI score0.01336EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/23 12:0 a.m.2 views

Unspecified Vulnerabilities in Mimosa Client Radios and Mimosa Backhaul Radios

Mimosa Client Radios and Mimosa Backhaul Radios are both products of Mimosa Networks, Inc.Mimosa Client Radios is a hypervisor for the client devices of the Mimosa multipoint solution.Mimosa Backhaul Radios is Mimosa Backhaul Radios is a management program for broadband backhaul devices. A securi...

9CVSS7.2AI score0.01336EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/23 12:0 a.m.6 views

Unspecified Vulnerability in Multiple Mimosa Products

Mimosa Client Radios, Mimosa Backhaul Radios, and Mimosa Access Points are all products of Mimosa Networks, Inc.Mimosa Client Radios is a hypervisor for the client devices of the Mimosa Multi-Point solution. Mimosa Backhaul Radios is a hypervisor for broadband backhaul devices.Mimosa Access Point...

7.5CVSS6.6AI score0.01118EPSS
Exploits0References1
Prion
Prion
added 2017/05/21 9:29 p.m.16 views

Command injection

An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. By connecting to the Mosquitto broker on an access point and one of its clients, an attacker can gather enough information to craft a command that reboots the client remotely when sent to the...

5CVSS7.5AI score0.02577EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2017/05/21 9:29 p.m.5 views

CVE-2017-9135

An issue was discovered on Mimosa Client Radios before 2.2.4 and Mimosa Backhaul Radios before 2.2.4. On the backend of the device's web interface, there are some diagnostic tests available that are not displayed on the webpage; these are only accessible by crafting a POST request with a program...

8.8CVSS6AI score0.01336EPSS
Exploits0References1
OSV
OSV
added 2017/05/21 9:29 p.m.6 views

CVE-2017-9132

A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightweight message broker, to send information between devices. By using the vendor's hard-coded...

7.5CVSS5.8AI score0.01118EPSS
Exploits0References1
OSV
OSV
added 2017/05/21 9:29 p.m.4 views

CVE-2017-9134

An information-leakage issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. There is a page in the web interface that will show you the device's serial number, regardless of whether or not you have logged in. This information-leakage issue is relevant...

7.5CVSS5.8AI score0.01191EPSS
Exploits0References1
OSV
OSV
added 2017/05/21 9:29 p.m.3 views

CVE-2017-9131

An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. By connecting to the Mosquitto broker on an access point and one of its clients, an attacker can gather enough information to craft a command that reboots the client remotely when sent to the...

7.5CVSS5.8AI score0.02577EPSS
Exploits0References1
CVE
CVE
added 2017/05/21 9:0 p.m.40 views

CVE-2017-9135

The CVE-2017-9135 entry concerns Mimosa Client Radios and Mimosa Backhaul Radios prior to version 2.2.4. The issue lies in a backend web‑interface diagnostic feature that is not shown on the web UI but accessible via a crafted POST request (e.g., curl). One such test does not properly sanitize us...

9CVSS8.8AI score0.01336EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2017/05/21 9:0 p.m.17 views

CVE-2017-9131

An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. By connecting to the Mosquitto broker on an access point and one of its clients, an attacker can gather enough information to craft a command that reboots the client remotely when sent to the...

7.6AI score0.02577EPSS
Exploits0References1
CVE
CVE
added 2017/05/21 9:0 p.m.45 views

CVE-2017-9132

CVE-2017-9132 describes a hard-coded credentials flaw affecting Mimosa Client Radios, Mimosa Backhaul Radios, and Mimosa Access Points released before 2.2.3. The devices run Mosquitto to exchange data; exploitation enables an attacker to connect to the broker using embedded credentials and view m...

7.5CVSS7.3AI score0.01118EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2017/05/21 9:0 p.m.46 views

CVE-2017-9133

The CVE affects Mimosa Client Radios (pre-2.2.3) and Mimosa Backhaul Radios (pre-2.2.3). In the device web interface, after login, a page lets the user specify a host to ping; this input is not sanitized server-side, enabling an attacker to pass a crafted string that executes shell commands as ro...

9CVSS8.8AI score0.01336EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2017/05/21 9:0 p.m.47 views

CVE-2017-9131

The CVE-2017-9131 issue affects Mimosa Client Radios and Backhaul Radios running versions before 2.2.3. An attacker can leverage the Mosquitto broker on an access point and a client to craft a command that reboots the client remotely via the broker, described as an unauthenticated remote command ...

7.5CVSS7.5AI score0.02577EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2017/05/21 9:0 p.m.46 views

CVE-2017-9134

The CVE-2017-9134 issue affects Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. A web UI page exposes the device serial number without requiring authentication, and another unauthenticated page allows remotely performing a factory reset by entering that serial number. T...

7.5CVSS7.3AI score0.01191EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder