Skip to main content

4Gee Wifi Mbb Firmware

3 CVEs product

Monthly

CVE-2017-14269 CRITICAL POC Act Now

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 4Gee Wifi Mbb Firmware
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2017-14268 MEDIUM POC This Month

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have XSS in the sms_content parameter in a getSMSlist request. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 4Gee Wifi Mbb Firmware
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-14267 HIGH POC This Week

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF 4Gee Wifi Mbb Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
0.3%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 4Gee Wifi Mbb Firmware
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have XSS in the sms_content parameter in a getSMSlist request. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 4Gee Wifi Mbb Firmware
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF 4Gee Wifi Mbb Firmware
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy