Orange Airbox Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Orange Airbox Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2018-18375 — CVSS 9.8 (critical): goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data (name, number, username, and password) via the…
CVE-2018-18376 — CVSS 7.5 (high): goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected…
CVE-2018-18377 — CVSS 7.5 (high): goform/setReset on Orange AirBox Y858_FL_01.16_04 devices allows attackers to reset a router to factory settings, which can be used to…