Lucene search
K
LibrewirelessLs9 Firmware

4 matches found

CVE
CVE
added 2021/05/03 8:47 p.m.64 views

CVE-2020-35757

CVE-2020-35757 affects Libre Wireless LS9 LS1.5/p7040 devices. The issue is unauthenticated root ADB access over TCP via the LS9 web interface: the web management endpoint can be enabled by a crafted request, and requests to this endpoint do not require authentication, allowing any unauthenticate...

9.8CVSS9.4AI score0.01806EPSS
CVE
CVE
added 2021/05/03 8:48 p.m.64 views

CVE-2020-35758

The CVE-2020-35758 entry concerns Libre Wireless LS9 LS1.5/p7040 devices with a web interface authentication bypass. The issue allows unauthenticated access to privileged APIs because access restrictions on internal functionality are not properly enforced, despite a login page appearing. Document...

9.8CVSS9.5AI score0.01573EPSS
CVE
CVE
added 2021/05/03 8:46 p.m.61 views

CVE-2020-35755

CVE-2020-35755 affects Libre Wireless LS9 LS1.5/p7040 devices. The issue is a direct information leak via the luci_service daemon on port 7777, where a Read_ command category enables reading the device configuration NVRAM. This allows access to sensitive data stored in NVRAM, including the Wi‑Fi ...

7.5CVSS7.6AI score0.01111EPSS
CVE
CVE
added 2021/05/03 8:47 p.m.57 views

CVE-2020-35756

Summary: CVE-2020-35756 affects Libre Wireless LS9 LS1.5/p7040 devices. The luci_service daemon on port 7777 accepts a GETPASS command without authentication and returns the device configuration password in cleartext, enabling unauthenticated access to leak the user’s configuration password. Affe...

7.5CVSS7.6AI score0.01216EPSS
Web