CVE-2017-6558
Published Mar 9, 2017
Last updated 3 years ago
Overview
- Description
- iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-798
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iball:ib-wra150n_firmware:1.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AAD4C77-CAA7-4B35-AE3E-F41895D1B5A8"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iball:ib-wra150n:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2C9AEFCD-95EC-4A36-B1F3-F5D91761F477"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]