Filtered by vendor Foxconn Subscriptions
Filtered by product Ap-fc4064-t Firmware Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-9112 1 Foxconn 2 Ap-fc4064-t, Ap-fc4064-t Firmware 2024-11-21 N/A
A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. In addition, its web management page relies on the existence or values of cookies when performing security-critical operations. One can gain privileges by modifying cookies.
CVE-2018-9111 1 Foxconn 2 Ap-fc4064-t, Ap-fc4064-t Firmware 2024-11-21 N/A
Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via the configuration of a user account. An attacker can execute arbitrary script on an unsuspecting user's browser.
CVE-2018-6312 1 Foxconn 2 Ap-fc4064-t, Ap-fc4064-t Firmware 2024-11-21 7.2 High
A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used.
CVE-2018-6311 1 Foxconn 2 Ap-fc4064-t, Ap-fc4064-t Firmware 2024-11-21 6.8 Medium
One can gain root access on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via UART pins without any restrictions, which leads to full system compromise and disclosure of user communications.