Ee: >> 4gee Wifi Mbb Security Vulnerabilities
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings.
CVSS Score
8.8
EPSS Score
0.003
Published
2017-09-11
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have XSS in the sms_content parameter in a getSMSlist request.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-09-11
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content.
CVSS Score
9.8
EPSS Score
0.007
Published
2017-09-11