Skip to main content
CVE-2017-14243 CRITICAL POC THREAT Emergency

An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 60.3%.

Authentication Bypass Wa3002G4 Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
60.3%
Threat
5.3
CVE-2017-14244 CRITICAL POC THREAT Emergency

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 50.8%.

Authentication Bypass Ib Wra150N Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
50.8%
Threat
5.0
CVE-2017-14512 CRITICAL POC Act Now

NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an editforum action, a different vulnerability than CVE-2017-12981. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Nexusphp
NVD GitHub
CVSS 3.0
9.8
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy