Mofinetwork: >> Mofi4500-4gxelte Firmware >> 3.6.1-std Security Vulnerabilities
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They contain two undocumented administrator accounts. The sftp and mofidev accounts are defined in /etc/passwd and the password is not unique across installations.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-02-01
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They can be rebooted by sending an unauthenticated poof.cgi HTTP GET request.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-02-01