Airbox Firmware@y858 fl 01.16 04 Security Vulnerabilities and Issues — Airbox Firmware@y858 fl 01.16 04 CVE List

Lucene search

OrangeAirbox Firmwarey858 fl 01.16 04

3 matches found

CVE•added 2018/10/16 1:29 a.m.•27 views

CVE-2018-18376

goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.

7.5CVSS7.4AI score0.00333EPSS

CVE•added 2018/10/16 1:29 a.m.•27 views

CVE-2018-18377

goform/setReset on Orange AirBox Y858_FL_01.16_04 devices allows attackers to reset a router to factory settings, which can be used to login using the default admin:admin credentials.

7.5CVSS7.5AI score0.00246EPSS

CVE•added 2018/10/16 1:29 a.m.•26 views

CVE-2018-18375

goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data (name, number, username, and password) via the rand parameter.

9.8CVSS9.2AI score0.00353EPSS