cbcvebase.

Iball Ib-Wra150N Firmware vulnerabilities

4 known vulnerabilities affecting iball/ib-wra150n_firmware.

Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH1

Vulnerabilities

Page 1 of 1
CVE-2017-14244P2CRITICALCVSS 9.8PoCvfw_ib-lr7011a_1.0.22017-09-17
CVE-2017-14244 [CRITICAL] CWE-425 CVE-2017-14244: An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.
nvd
CVE-2017-6558P2CRITICALCVSS 9.8PoCv1.2.62017-03-09
CVE-2017-6558 [CRITICAL] CWE-798 CVE-2017-6558: iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authen iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file.
nvd
CVE-2018-6388P2HIGHCVSS 8.8PoCv1.2.62018-01-29
CVE-2018-6388 [HIGH] CWE-78 CVE-2018-6388: iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute a iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page.
nvd
CVE-2018-6387P3CRITICALCVSS 9.8v1.2.62018-01-29
CVE-2018-6387 [CRITICAL] CWE-798 CVE-2018-6387: iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the ad iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.
nvd
Iball Ib-Wra150N Firmware vulnerabilities | cvebase