VYPR
Vendor

Freebox

Products
6
CVEs
9
Across products
13
Status
Private

Products

6

Recent CVEs

9
  • CVE-2020-24377CriSep 16, 2020
    risk 0.62cvss 9.6epss 0.01

    A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3.

  • CVE-2020-24376CriSep 16, 2020
    risk 0.62cvss 9.6epss 0.01

    A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3.

  • CVE-2020-24374CriSep 16, 2020
    risk 0.62cvss 9.6epss 0.01

    A DNS rebinding vulnerability in Freebox v5 before 1.5.29.

  • CVE-2020-24373HigSep 16, 2020
    risk 0.57cvss 8.8epss 0.01

    A CSRF vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.

  • CVE-2020-24375MedOct 19, 2020
    risk 0.42cvss 6.5epss 0.01

    A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.

  • CVE-2014-9382MedJan 13, 2020
    risk 0.42cvss 6.5epss 0.01

    Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation

  • CVE-2014-9405MedJan 6, 2020
    risk 0.35cvss 5.4epss 0.02

    A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code.

  • CVE-2025-63292Nov 17, 2025
    risk 0.00cvss epss 0.00

    Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolution r1–r3 (firmware = 4.7.x), Freebox Mini 4K (firmware = 4.7.x), and Freebox One (firmware = 4.7.x) were discovered to expose subscribers' IMSI identifiers in plaintext during the…

  • CVE-2007-2652May 14, 2007
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow remote attackers to execute arbitrary code via unspecified vectors involving certain (1) sprintf and (2) vsprintf calls in (a) r_index.c, (b) r_reports.c, (c) r_topsites.c, (d) r_topuser.c, (e) r_typical.c, (f)…