2 matches found
CVE-2020-13859
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Configuration Interface framework, allows the undocumented system account mofidev to login to the cgi-bin/luci/quick/wizard management interfac...
CVE-2020-13859
CVE-2020-13859 affects Mofi Network MOFI4500-4GXeLTE devices running 4.0.8-std. A format error in /etc/shadow plus a logic bug in the LuCI/OpenWrt configuration interface enables the undocumented user account “mofidev” to access cgi-bin/luci/quick/wizard without a password via a forgotten-passwor...