Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mimosa client radios vulnerabilities and exploits

(subscribe to this query)
445
VMScore
CVE-2017-9134
An information-leakage issue exists on Mimosa Client Radios prior to 2.2.3 and Mimosa Backhaul Radios prior to 2.2.3. There is a page in the web interface that will show you the device's serial number, regardless of whether or not you have logged in. This information-leakage...
Mimosa Client RadiosMimosa Backhaul Radios
445
VMScore
CVE-2017-9131
An issue exists on Mimosa Client Radios prior to 2.2.3 and Mimosa Backhaul Radios prior to 2.2.3. By connecting to the Mosquitto broker on an access point and one of its clients, an attacker can gather enough information to craft a command that reboots the client remotely when se...
Mimosa Backhaul RadiosMimosa Client Radios
445
VMScore
CVE-2017-9132
A hard-coded credentials issue exists on Mimosa Client Radios prior to 2.2.3, Mimosa Backhaul Radios prior to 2.2.3, and Mimosa Access Points prior to 2.2.3. These devices run Mosquitto, a lightweight message broker, to send information between devices. By using the vendor's...
Mimosa Client RadiosMimosa Backhaul Radios
801
VMScore
CVE-2017-9133
An issue exists on Mimosa Client Radios prior to 2.2.3 and Mimosa Backhaul Radios prior to 2.2.3. In the device's web interface, after logging in, there is a page that allows you to ping other hosts from the device and view the results. The user is allowed to specify which h...
Mimosa Backhaul RadiosMimosa Client Radios
801
VMScore
CVE-2017-9135
An issue exists on Mimosa Client Radios prior to 2.2.4 and Mimosa Backhaul Radios prior to 2.2.4. On the backend of the device's web interface, there are some diagnostic tests available that are not displayed on the webpage; these are only accessible by crafting a POST reque...
Mimosa Client RadiosMimosa Backhaul Radios
694
VMScore
CVE-2017-9136
An issue exists on Mimosa Client Radios prior to 2.2.3. In the device's web interface, there is a page that allows an malicious user to use an unsanitized GET parameter to download files from the device as the root user. The attacker can download any file from the device...
Mimosa Client RadiosMimosa Backhaul Radios
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook