Vulnerability Details CVE-2018-17873
An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.05
EPSS Ranking 89.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 3.3
References
Products affected by CVE-2018-17873
-
cpe:2.3:h:wifiranger:wifiranger:-
-
cpe:2.3:o:wifiranger:wifiranger_firmware:7.0.1
-
cpe:2.3:o:wifiranger:wifiranger_firmware:7.0.3
-
cpe:2.3:o:wifiranger:wifiranger_firmware:7.0.6
-
cpe:2.3:o:wifiranger:wifiranger_firmware:7.0.7
-
cpe:2.3:o:wifiranger:wifiranger_firmware:7.0.8