Published: 17/09/2017 Updated: 21/06/2021

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows malicious users to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.

Vulnerable Product	Search on Vulmon	Subscribe to Product
iball ib-wra150n_firmware fw_ib-lr7011a_1.0.2

# Exploit Title: iBall ADSL2+ Home Router Authentication Bypass Vulnerability # CVE: CVE-2017-14244 # Date: 15-09-2017 # Exploit Author: Gem George # Author Contact: wwwlinkedincom/in/gemgrge # Vulnerable Product: iBall ADSL2+ Home Router WRA150N wwwiballcoin/Product/ADSL2--Home-Router/746 # Firmware version: FW_iB-LR7011A_10 ...

iBall ADSL2+ Home Router suffers from multiple authentication bypass vulnerabilities ...

POC checks for CVE-2017-6558, CVE-2017-14243 & CVE-2017-14244

iBall & UTStar Authentication Bypass & Information Disclosure Vulnerabilities POC checks for CVE-2017-6558, CVE-2017-14243 & CVE-2017-14244 Screenshots References wwwtechipickcom/iball-baton-adsl2-home-router-utstar-wa3002g4-adsl-broadband-modem-authentication-bypass wwwexploit-dbcom/exploits/42739/ wwwexploit-dbcom/explo

CWE-425 https://www.techipick.com/iball-baton-adsl2-home-router-utstar-wa3002g4-adsl-broadband-modem-authentication-bypass https://www.exploit-db.com/exploits/42740/https://nvd.nist.gov https://github.com/GemGeorge/iBall-UTStar-CVEChecker https://www.exploit-db.com/exploits/42740/

CVE-2017-14244

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect