Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mofinetwork mofi4500-4gxelte firmware 4.0.8-std vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-13858
An issue exists on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They contain two undocumented administrator accounts. The sftp and mofidev accounts are defined in /etc/passwd and the password is not unique across installations.
Mofinetwork Mofi4500-4gxelte Firmware 3.6.1-std
Mofinetwork Mofi4500-4gxelte Firmware 4.0.8-std
5
CVSSv2
CVE-2020-13856
An issue exists on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. Authentication is not required to download the support file that contains sensitive information such as cleartext credentials and password hashes.
Mofinetwork Mofi4500-4gxelte Firmware 4.0.8-std
7.8
CVSSv2
CVE-2020-13857
An issue exists on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They can be rebooted by sending an unauthenticated poof.cgi HTTP GET request.
Mofinetwork Mofi4500-4gxelte Firmware 3.6.1-std
Mofinetwork Mofi4500-4gxelte Firmware 4.0.8-std
Mofinetwork Mofi4500-4gxelte Firmware 4.1.5-std
5
CVSSv2
CVE-2020-13859
An issue exists on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Configuration Interface framework, allows the undocumented system account mofidev to login to the cgi-bin/luci/quick/wizard management...
Mofinetwork Mofi4500-4gxelte Firmware 4.0.8-std
5
CVSSv2
CVE-2020-13860
An issue exists on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account mofidev generates a predictable six-digit password.
Mofinetwork Mofi4500-4gxelte Firmware 4.0.8-std
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started