VYPR

Freebox OS

by Freebox

CVEs (5)

  • CVE-2020-24377CriSep 16, 2020
    risk 0.62cvss 9.6epss 0.01

    A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3.

  • CVE-2020-24374CriSep 16, 2020
    risk 0.62cvss 9.6epss 0.01

    A DNS rebinding vulnerability in Freebox v5 before 1.5.29.

  • CVE-2014-9382MedJan 13, 2020
    risk 0.42cvss 6.5epss 0.01

    Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation

  • CVE-2014-9405MedJan 6, 2020
    risk 0.35cvss 5.4epss 0.02

    A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code.

  • CVE-2025-63292Nov 17, 2025
    risk 0.00cvss epss 0.00

    Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolution r1–r3 (firmware = 4.7.x), Freebox Mini 4K (firmware = 4.7.x), and Freebox One (firmware = 4.7.x) were discovered to expose subscribers' IMSI identifiers in plaintext during the…