Vulnerabilities > Free > Freebox ONE Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-09-16 CVE-2020-24377 Improper Input Validation vulnerability in Free products
A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3.
network
low complexity
free CWE-20
critical
 9.6
9.6
2020-09-16 CVE-2020-24376 Improper Input Validation vulnerability in Free products
A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3.
network
low complexity
free CWE-20
critical
 9.6
9.6
2020-09-16 CVE-2020-24373 Cross-Site Request Forgery (CSRF) vulnerability in Free products
A CSRF vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.
network
low complexity
free CWE-352
8.8
8.8