Vulnerabilities > Free > Freebox OS

DATE CVE VULNERABILITY TITLE RISK
2020-01-13 CVE-2014-9382 Cross-Site Request Forgery (CSRF) vulnerability in Free Freebox OS 3.0.2
Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation
network
low complexity
free CWE-352
6.5
6.5
2020-01-06 CVE-2014-9405 Cross-site Scripting vulnerability in Free Freebox OS 3.0.2
A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code.
network
low complexity
free CWE-79
5.4
5.4