2 matches found
CVE-2018-17873
WiFiRanger devices (indoor: Core, GoAC; outdoor paired: Sky Pro, EliteAC, EliteAC FM) running firmware ≤7.0.8rc3 have an incorrect FTP access control. An adjacent-network attacker can read the SSH private key via FTP and log in as root. Public PoC references exist (e.g., 0day.today, PacketStorm)....
WiFiRanger 7.0.8rc3 Incorrect Access Control / Privilege Escalation
Exploit Title: WiFiRanger 7.0.8rc3 Incorrect Access Control - Privilege Escalation POC Exploit Author: Mitchel Jordan Date: 2018-10-18 Vendor Homepage: https://wifiranger.com/ Firmware: Phantom 7.0.8rc3 CVE: CVE-2018-17873 Details: WiFiRanger indoor routers Core, GoAC and their outdoor paired...