12 matches found
CVE-2024-23726
Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker in proximity to a Wi-Fi network can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six characters of the SSID and...
CVE-2024-28092
UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name, Ti...
UBEE DDW365 XCNDDW365 Security Breach
Ubee DDW365 XCNDDW365 is a wireless router. A security vulnerability exists in the UBEE DDW365 XCNDDW365 version 8.14.3105 that originates from a vulnerability that allows remote attackers in the vicinity of Wi-Fi to conduct stored cross-site scripting XSS attacks via RgFirewallEL.asp, RgDdns.asp...
CVE-2024-28092
UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name, Ti...
CVE-2024-28092
CVE-2024-28092 concerns UBEE DDW365 XCNDDW365 software version 8.14.3105 on hardware 3.13.1. The issue allows a remote attacker within Wi‑Fi proximity to perform stored cross‑site scripting (XSS) attacks through the ASP pages: RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, and RgPar...
CVE-2024-28092
UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name, Ti...
CVE-2024-23726
Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker in proximity to a Wi-Fi network can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six characters of the SSID and...
Default credentials
Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker in proximity to a Wi-Fi network can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six characters of the SSID and...
CVE-2024-23726
Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker in proximity to a Wi-Fi network can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six characters of the SSID and...
CVE-2024-23726
The CVE-2024-23726 entry concerns Ubee DDW365/XCNDDW365 devices with predictable default WPA2 PSKs that enable nearby attackers to derive the PSK by observing beacon frames. The PSK is generated from the first six characters of the SSID and the last six of the BSSID, decrementing the last digit, ...
CVE-2024-23726
Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker in proximity to a Wi-Fi network can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six characters of the SSID and...
Ubee DDW365 XCNDDW365 Security Vulnerability
Ubee DDW365 XCNDDW365 is a wireless router. A security vulnerability exists in the Ubee DDW365 XCNDDW365. An attacker can exploit this vulnerability to obtain the default WPA2-PSK value by observing beacon frames...