Vulnerabilities > Softbank

DATE CVE VULNERABILITY TITLE RISK
2021-07-30 CVE-2021-20783 Cross-Site Request Forgery (CSRF) vulnerability in Softbank Optical BB Unit E-Wmta Firmware 2.3
Cross-site request forgery (CSRF) vulnerability in Optical BB unit E-WMTA2.3 allows a remote attacker to hijack the authentication of administrators via a specially crafted page.
network
softbank CWE-352
6.8
2018-11-15 CVE-2018-0691 Improper Certificate Validation vulnerability in multiple products
Multiple +Message Apps (Softbank +Message App for Android prior to version 10.1.7, Softbank +Message App for iOS prior to version 1.1.23, NTT DOCOMO +Message App for Android prior to version 42.40.2800, NTT DOCOMO +Message App for iOS prior to version 1.1.23, KDDI +Message App for Android prior to version 1.0.6, and KDDI +Message App for iOS prior to version 1.1.23) do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
4.3
2017-05-12 CVE-2017-2167 Untrusted Search Path vulnerability in Softbank Primedrive Desktop Application
Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory.
network
softbank CWE-426
6.8
2017-04-28 CVE-2017-2108 Untrusted Search Path vulnerability in Softbank Primedrive Desktop Application
Untrusted search path vulnerability in PrimeDrive Desktop Application 1.4.3 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
softbank CWE-426
7.2
2013-06-17 CVE-2013-2310 Improper Authentication vulnerability in multiple products
SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi application before 1.7.1, SoftBank Windows Mobile smartphones with the WISPrClient application before 1.3.1, SoftBank Disney Mobile Android smartphones with the Wi-Fi application before 1.7.1, and WILLCOM Android smartphones with the Wi-Fi application before 1.7.1, does not properly connect to access points, which allows remote attackers to obtain sensitive information by leveraging access to an 802.11 network.
low complexity
softbank willcom-inc CWE-287
3.3