Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-6355 | 1 Iball | 2 Ib-wrb302n, Ib-wrb302n Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
/goform/setLang on iBall 300M devices with "iB-WRB302N_1.0.1-Sep 8 2017" firmware has Unauthenticated Stored Cross Site Scripting via the lang parameter. | |||||
CVE-2018-20008 | 1 Iball | 2 Ib-wrb302n, Ib-wrb302n Firmware | 2024-11-21 | 2.1 LOW | 6.8 MEDIUM |
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console. |