Vulnerability Details CVE-2014-1408
The Conceptronic C54APM access point with runtime code 1.26 has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via an HTTP request, as demonstrated by stored XSS attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.5%
CVSS Severity
CVSS v2 Score 7.8
References
- http://antoniovazquezblanco.github.io/docs/advisories/Advisory_C54APM_Multiple.pdf
- http://download.conceptronic.net/manuals/C04-058_C54APM_v2.0_Quick_Guide_ML.pdf
- http://antoniovazquezblanco.github.io/docs/advisories/Advisory_C54APM_Multiple.pdf
- http://download.conceptronic.net/manuals/C04-058_C54APM_v2.0_Quick_Guide_ML.pdf
Products affected by CVE-2014-1408
-
cpe:2.3:h:conceptronic:c54apm:v2
-
cpe:2.3:o:conceptronic:c54apm_firmware:1.26