CVE-2018-6387

moderate-risk
Published 2018-01-29

iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.

Do I need to act?

-
0.72% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Iball

References (2)

Exploit https://blogs.securiteam.com/index.php/archives/3654
Exploit https://blogs.securiteam.com/index.php/archives/3654
39
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 2/34 · Minimal
Exposure 5/34 · Minimal