CVE-2008-1262

Sažetak

The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not verify authentication credentials, which allows remote attackers to (1) upload malformed firmware or (2) bind the antenna to a different WiMAX base station via unspecified requests to forms under process_adv/.

Reference

http://airspan4wimax.googlepages.com/
http://secunia.com/advisories/29265
http://www.0x000000.com/?i=524
http://www.gnucitizen.org/projects/router-hacking-challenge/
http://www.kb.cert.org/vuls/id/248372
http://www.securityfocus.com/archive/1/489009/100/0/threaded
http://www.securityfocus.com/bid/28122
http://www.sharemethods.net/nepal/servlet/open?keeppath=false&aid=29820
http://www.vupen.com/english/advisories/2008/0802/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41052

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

11-10-2018 - 20:31

Objavljeno

10-03-2008 - 17:44