VYPR

Pocket WiFi

by SolaX

CVEs (3)

  • CVE-2023-35837CriJan 23, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. Authentication for web interface is completed via an unauthenticated WiFi AP. The administrative password for the web interface has a default password, equal to the registration ID of the device. This same…

  • CVE-2023-35835CriJan 23, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. The device provides a WiFi access point for initial configuration. The WiFi network provided has no network authentication (such as an encryption key) and persists permanently, including after enrollment and setup…

  • CVE-2023-35836MedJan 23, 2024
    risk 0.42cvss 6.5epss 0.00

    An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further…