Skip to main content

Bm2022 Firmware

1 CVEs product

Monthly

CVE-2017-3216 CRITICAL POC Act Now

WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Mediatek Authentication Bypass Ox350 Firmware Bm2022 Firmware Hes 309M Firmware +11
NVD
CVSS 3.0
9.8
EPSS
3.2%
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Mediatek Authentication Bypass Ox350 Firmware +13
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy