Iball

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-29292 1Iball 1Wrd12en Firmware Nov 21, 2024 Dec 30, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 iBall WRD12EN 1.0.0 devices allow cross-site request forgery (CSRF) attacks as demonstrated by enabling DNS settings or modifying the range for IP addresses.
CVE-2020-15043 1Iball 1Wrb303n Firmware Nov 21, 2024 Jun 29, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 iBall WRB303N devices allow CSRF attacks, as demonstrated by enabling remote management, enabling DHCP, or modifying the subnet range for IP addresses.
CVE-2018-20008 1Iball 1Ib Wrb302n Firmware Nov 21, 2024 May 28, 2019 N/A· v4 6.8 MEDIUM· v3 2.1 LOW· v2 iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging...Show more iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console.Show less
CVE-2018-6355 1Iball 1Ib Wrb302n Firmware Nov 21, 2024 Jan 30, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 /goform/setLang on iBall 300M devices with "iB-WRB302N_1.0.1-Sep 8 2017" firmware has Unauthenticated Stored Cross Site Scripting via the lang parameter.
CVE-2018-6388 1Iball 1Ib Wra150n Firmware Nov 21, 2024 Jan 29, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page.
CVE-2018-6387 1Iball 1Ib Wra150n Firmware Nov 21, 2024 Jan 29, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user acco...Show more iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.Show less
CVE-2017-11169 1Iball 1Ib Wra300n3gt Firmware May 13, 2026 Nov 13, 2017 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Privilege Escalation on iBall iB-WRA300N3GT iB-WRA300N3GT_1.1.1 devices allows remote authenticated users to obtain root privileges by leveraging a guest/user/normal account to submit a modified privilege parameter to /f...Show more Privilege Escalation on iBall iB-WRA300N3GT iB-WRA300N3GT_1.1.1 devices allows remote authenticated users to obtain root privileges by leveraging a guest/user/normal account to submit a modified privilege parameter to /form2userconfig.cgi.Show less
CVE-2017-14244 1Iball 1Ib Wra150n Firmware May 13, 2026 Sep 17, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension,...Show more An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.Show less
CVE-2017-6558 1Iball 1Ib Wra150n Firmware May 13, 2026 Mar 9, 2017 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading...Show more iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file.Show less