Vulnerabilities > Utstar > Wa3002G4 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-09-17 CVE-2017-14243 Improper Authentication vulnerability in Utstar Wa3002G4 Firmware Wa3002G40021.01
An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials from HTML source, as demonstrated by info.cgi, upload.cgi, backupsettings.cgi, pppoe.cgi, resetrouter.cgi, and password.cgi.
network
low complexity
utstar CWE-287
critical
10.0