Vulnerabilities (CVE)

Filtered by vendor Iball Subscribe
Filtered by product Ib-wrb302n Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-6355 1 Iball 2 Ib-wrb302n, Ib-wrb302n Firmware 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
/goform/setLang on iBall 300M devices with "iB-WRB302N_1.0.1-Sep 8 2017" firmware has Unauthenticated Stored Cross Site Scripting via the lang parameter.
CVE-2018-20008 1 Iball 2 Ib-wrb302n, Ib-wrb302n Firmware 2024-11-21 2.1 LOW 6.8 MEDIUM
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console.