CVE-2018-9112
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. In addition, its web management page relies on the existence or values of cookies when performing security-critical operations. One can gain privileges by modifying cookies.
Existe una cuenta de administrador con pocos privilegios con una contraseña de administrador débil por defecto en Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. Ademásm su página de gestión web depende de la existencia de valores de cookies al realizar operaciones críticas para la seguridad. Se podrían obtener privilegios modificando cookies.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-03-28 CVE Reserved
- 2018-05-10 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://gist.github.com/ChuanYuan-Huang/a92b8b32980123d5fa9bf5a8299114bf | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Foxconn Search vendor "Foxconn" | Ap-fc4064-t Firmware Search vendor "Foxconn" for product "Ap-fc4064-t Firmware" | ap_gt_b38_5.8.3lb15-w47_lte Search vendor "Foxconn" for product "Ap-fc4064-t Firmware" and version "ap_gt_b38_5.8.3lb15-w47_lte" | - |
Affected
| in | Foxconn Search vendor "Foxconn" | Ap-fc4064-t Search vendor "Foxconn" for product "Ap-fc4064-t" | - | - |
Safe
|