Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iball vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-15043
iBall WRB303N devices allow CSRF attacks, as demonstrated by enabling remote management, enabling DHCP, or modifying the subnet range for IP addresses.
Iball Wrb303n Firmware -
4.3
CVSSv2
CVE-2020-29292
iBall WRD12EN 1.0.0 devices allow cross-site request forgery (CSRF) attacks as demonstrated by enabling DNS settings or modifying the range for IP addresses.
Iball Wrd12en Firmware 1.0.0
5
CVSSv2
CVE-2017-6558
iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote malicious users to view and modify administrative router settings by reading the HTML source code of the password.cgi file.
Iball Ib-wra150n Firmware 1.2.6
1 EDB exploit
1 Github repository
10
CVSSv2
CVE-2018-6387
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.
Iball Ib-wra150n Firmware 1.2.6
9
CVSSv2
CVE-2017-11169
Privilege Escalation on iBall iB-WRA300N3GT iB-WRA300N3GT_1.1.1 devices allows remote authenticated users to obtain root privileges by leveraging a guest/user/normal account to submit a modified privilege parameter to /form2userconfig.cgi.
Iball Ib-wra300n3gt Firmware 1.1.1
9
CVSSv2
CVE-2018-6388
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page.
Iball Ib-wra150n Firmware 1.2.6
1 EDB exploit
10
CVSSv2
CVE-2017-14244
An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows malicious users to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.
Iball Ib-wra150n Firmware Fw Ib-lr7011a 1.0.2
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2018-6355
/goform/setLang on iBall 300M devices with "iB-WRB302N_1.0.1-Sep 8 2017" firmware has Unauthenticated Stored Cross Site Scripting via the lang parameter.
Iball Ib-wrb302n Firmware 1.0.1-sep 8 2017
2.1
CVSSv2
CVE-2018-20008
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical malicious users to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console.
Iball Ib-wrb302n Firmware Ib-wrb302n20122017
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started