VYPR

XCNDDW365

by Ubee

CVEs (2)

  • CVE-2024-23726HigJan 21, 2024
    risk 0.57cvss 8.8epss 0.00

    Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six…

  • CVE-2024-28092HigMar 19, 2024
    risk 0.47cvss 7.2epss 0.01

    UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP…