VYPR

AirBox Y858_FL_01.16_04

by Orange

CVEs (2)

  • CVE-2018-18377HigOct 16, 2018
    risk 0.49cvss 7.5epss 0.01

    goform/setReset on Orange AirBox Y858_FL_01.16_04 devices allows attackers to reset a router to factory settings, which can be used to login using the default admin:admin credentials.

  • CVE-2018-18376HigOct 16, 2018
    risk 0.49cvss 7.5epss 0.02

    goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.