Vulnerabilities (CVE)

Filtered by vendor Orange Subscribe
Filtered by product Airbox
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-18377 1 Orange 2 Airbox, Airbox Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
goform/setReset on Orange AirBox Y858_FL_01.16_04 devices allows attackers to reset a router to factory settings, which can be used to login using the default admin:admin credentials.
CVE-2018-18376 1 Orange 2 Airbox, Airbox Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.
CVE-2018-18375 1 Orange 2 Airbox, Airbox Firmware 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data (name, number, username, and password) via the rand parameter.