Lucene search

MitreCVE-2008-1262

HistoryMar 10, 2008 - 5:44 p.m.

CVE-2008-1262

2008-03-1017:44:00

CWE-287

mitre

web.nvd.nist.gov

cve-2008-1262

airspan

wimax

prost

firmware

authentication

remote attackers

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.129

Percentile

95.5%

JSON

The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not verify authentication credentials, which allows remote attackers to (1) upload malformed firmware or (2) bind the antenna to a different WiMAX base station via unspecified requests to forms under process_adv/.

Affected configurations

Nvd

Node

airspanwimax_prostMatch4.16.5.38.0

VendorProductVersionCPE
airspanwimax_prost4.1cpe:2.3:h:airspan:wimax_prost:4.1:*:6.5.38.0:*:*:*:*:*

Vendor	Product	Version	CPE
airspan	wimax_prost	4.1	cpe:2.3:h:airspan:wimax_prost:4.1::6.5.38.0:::::

References

airspan4wimax.googlepages.com/

secunia.com/advisories/29265

www.0x000000.com/?i=524

www.gnucitizen.org/projects/router-hacking-challenge/

www.kb.cert.org/vuls/id/248372

www.securityfocus.com/archive/1/489009/100/0/threaded

www.securityfocus.com/bid/28122

www.sharemethods.net/nepal/servlet/open?keeppath=false&aid=29820

www.vupen.com/english/advisories/2008/0802/references

exchange.xforce.ibmcloud.com/vulnerabilities/41052

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.129

Percentile

95.5%

JSON

Related for CVE-2008-1262