← Voltar para CVEs
CVE-2008-1262
N/ADescricao
The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not verify authentication credentials, which allows remote attackers to (1) upload malformed firmware or (2) bind the antenna to a different WiMAX base station via unspecified requests to forms under process_adv/.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado3/10/2008
Ultima modificacao4/23/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
airspan:wimax_prost
Fraquezas (CWE)
CWE-287
Referencias
http://airspan4wimax.googlepages.com/(cve@mitre.org)
http://secunia.com/advisories/29265(cve@mitre.org)
http://www.0x000000.com/?i=524(cve@mitre.org)
http://www.gnucitizen.org/projects/router-hacking-challenge/(cve@mitre.org)
http://www.kb.cert.org/vuls/id/248372(cve@mitre.org)
http://www.securityfocus.com/archive/1/489009/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/28122(cve@mitre.org)
http://www.vupen.com/english/advisories/2008/0802/references(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/41052(cve@mitre.org)
http://airspan4wimax.googlepages.com/(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29265(af854a3a-2127-422b-91ae-364da2661108)
http://www.0x000000.com/?i=524(af854a3a-2127-422b-91ae-364da2661108)
http://www.gnucitizen.org/projects/router-hacking-challenge/(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/248372(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/489009/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/28122(af854a3a-2127-422b-91ae-364da2661108)
http://www.sharemethods.net/nepal/servlet/open?keeppath=false&aid=29820(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/0802/references(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/41052(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.