CVE-2013-4875

The Uboot bootloader on the Verizon Wireless Network Extender SCS-2U01 allows physically proximate attackers to bypass the intended boot process and obtain a login prompt by connecting a crafted HDMI cable and sending a SysReq interrupt...

CVE-2013-4876

The Verizon Wireless Network Extender SCS-2U01 has a hardcoded password for the root account, which makes it easier for physically proximate attackers to obtain administrative access by leveraging a login prompt...

CVE-2013-4875

The CVE-2013-4875 entry concerns the U-Boot bootloader used on the Verizon Wireless Network Extender SCS-2U01. The vulnerability allows a physically proximate attacker to bypass the intended boot process and reach a login prompt by connecting a crafted HDMI cable and issuing a SysReq interrupt. T...

CVE-2013-4876

The CVE-2013-4876 entry applies to the Verizon Wireless Network Extender SCS-2U01, where a hardcoded password for the root account enables physically proximate attackers to obtain administrative access via the device login prompt. The description documents the root cause (hardcoded root credentia...

CVE-2013-4877

CVE-2013-4877 affects Verizon Wireless Network Extender models SCS-26UC4 and SCS-2U01. The root issue is that these devices do not use CAVE authentication, which allows an attacker to sniff registration packets over the network and obtain ESN and MIN values from arbitrary phones, enabling cloning...

Verizon Wireless Network Extender multiple vulnerabilities

Overview iSEC Partners has reported that the Verizon Wireless Network Extender models SCS-26UC4 and SCS-2U01 made by Samsung are susceptible to a local compromise using a custom HDMI cable. Once compromised the device can be used to eavesdrop on voice, text and data communication for mobile devic...