Ib-wra150n
Vulnerabilities
5
Known exploited
0
Max CVSS
9.8
Top EPSS
0.17149
Severity breakdown
Critical
4
High
1
Medium
0
Low
0
Also matched as (raw): ib-wra150n_firmware,ib-wra150n
Top vulnerabilities
CVE-2018-6387iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.
CVE-2017-6558iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file.
CVE-2017-14244An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.
BDU:2018-00351Уязвимость микропрограммного кода маршрутизатора iBall iB-WRA150N связана с использованием предустановленных учетных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить доступ к устройству с правами администратора
CVE-2018-6388iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page.