4.1.5Std

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

mofinetwork

NVD

Published: 2021-02-01

Updated: 2021-02-04

Summary

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They can be rebooted by sending an unauthenticated poof.cgi HTTP GET request.

Vulnerable Configurations

Part	Description	Count
OS	Mofinetwork Mofinetwork Mofi4500 4Gxelte Firmware 3.6.1-Std Mofinetwork Mofi4500 4Gxelte Firmware 4.0.8-Std Mofinetwork Mofi4500 4Gxelte Firmware 4.1.5-Std	3
Hardware	Mofinetwork Mofinetwork Mofi4500 4Gxelte -	1

References

https://www.criticalstart.com/critical-vulnerabilities-discovered-in-mofi-routers/
https://mofinetwork.com/index.php?main_page=page&id=14