Iball: >> Ib-Wrb302n Firmware Security Vulnerabilities
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console.
CVSS Score
6.8
EPSS Score
0.0
Published
2019-05-28
/goform/setLang on iBall 300M devices with "iB-WRB302N_1.0.1-Sep 8 2017" firmware has Unauthenticated Stored Cross Site Scripting via the lang parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2018-01-30