Vulnerability Details : CVE-2017-6558
iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file.
Products affected by CVE-2017-6558
- cpe:2.3:o:iball:ib-wra150n_firmware:1.2.6:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-6558
3.45%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-6558
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2017-6558
-
The product contains hard-coded credentials, such as a password or cryptographic key.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-6558
-
https://www.youtube.com/watch?v=8GZg1IuSfCs
iBall Baton 150M Wireless Router Authentication Bypass Vulnerability (CVE-2017-6558) - YouTube
-
http://www.securityfocus.com/bid/96822
iBall Baton 150M Wireless Router CVE-2017-6558 Authentication Bypass Vulnerability
Jump to