Vulnerabilities > Starry > S00111
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-10 | CVE-2017-13718 | 7PK - Security Features vulnerability in Starry S00111 Firmware The HTTP API supported by Starry Station (aka Starry Router) allows brute forcing the PIN setup by the user on the device, and this allows an attacker to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's port to the Internet. | 6.0 |
| 2019-06-10 | CVE-2017-13717 | Credentials Management vulnerability in Starry S00111 Firmware Starry Station (aka Starry Router) sets the Access-Control-Allow-Origin header to "*". | 4.3 |