CVE Tools

mofinetwork

Networking Infrastructurecommercial

10

Cumulative CVEs

1

Monthly snapshots

#52

Peak rank

Top products

mofi4500-4gxelte firmware10

Latest CVEs

The 11 most recently published vulnerabilities affecting mofinetwork.

CVE-2021-27715An issue was discovered in MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052 allows attackers to bypass the authentication and execute arbitrary code via crafted HTTP request.9.8Sep 8, 2023
CVE-2020-13858An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They contain two undocumented administrator accounts. The sftp and mofidev accounts are defined in /etc/pas...9.8Feb 1, 2021
CVE-2020-15836An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication function passes untrusted data to the operating system without proper sanitization. A crafted request ...9.8Feb 1, 2021
CVE-2020-15835An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication function contains undocumented code that provides the ability to authenticate as root without knowing ...9.8Feb 1, 2021
CVE-2020-15834An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The wireless network password is exposed in a QR encoded picture that an unauthenticated adversary can download via the w...7.5Feb 1, 2021
CVE-2020-15833An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The Dropbear SSH daemon has been modified to accept an alternate hard-coded path to a public key that allows root access....9.8Feb 1, 2021
CVE-2020-15832An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The poof.cgi script contains undocumented code that provides the ability to remotely reboot the device. An adversary with...7.5Feb 1, 2021
CVE-2020-13860An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account mofidev generates a predictable six-digit password.7.5Feb 1, 2021
CVE-2020-13859An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Configuration Interface framework, allows t...9.8Feb 1, 2021
CVE-2020-13856An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. Authentication is not required to download the support file that contains sensitive information such as cleartext credent...7.5Feb 1, 2021
CVE-2020-13857An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They can be rebooted by sending an unauthenticated poof.cgi HTTP GET request.7.5Feb 1, 2021