9.8

CVE-2017-6558

EPSS 34.77%
Veröffentlicht 09.03.2017 09:59:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Iball ≫ Ib-wra150n Firmware Version1.2.6

Iball ≫ Ib-wra150n Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	34.77%	0.966

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

http://www.securityfocus.com/bid/96822

https://www.youtube.com/watch?v=8GZg1IuSfCs

https://nvd.nist.gov/vuln/detail/CVE-2017-6558

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-6558

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-6558

EUVD