CVE-2020-15836

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication function passes untrusted data to the operating system without proper sanitization. A crafted request can be sent to execute arbitrary commands as root...

CVE-2020-15832

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The poof.cgi script contains undocumented code that provides the ability to remotely reboot the device. An adversary with the private key but not the root password can remotely reboot the device...

Mofi Network MOFI4500-4GXeLTE 安全漏洞

The Mofi Network MOFI4500-4GXeLTE is a wireless router from Mofi Network. A remote reboot backdoor vulnerability exists in the Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices, which can be exploited by an attacker to reboot the device by accessing /cgi-bin/poof.cgi with a private key...

Mofi Network MOFI4500-4GXeLTE 安全漏洞

The Mofi Network MOFI4500-4GXeLTE is a wireless router from Mofi Network. An unauthorized RCE vulnerability exists in Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The vulnerability stems from the authentication function passing untrusted data to the operating system without proper destruction...