Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Foxconn Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-6311 1 Foxconn 2 Ap-fc4064-t, Ap-fc4064-t Firmware 2021-09-09 7.2 HIGH 6.8 MEDIUM
One can gain root access on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via UART pins without any restrictions, which leads to full system compromise and disclosure of user communications.
CVE-2018-6312 1 Foxconn 2 Ap-fc4064-t, Ap-fc4064-t Firmware 2021-09-09 9.0 HIGH 7.2 HIGH
A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used.
CVE-2018-9112 1 Foxconn 2 Ap-fc4064-t, Ap-fc4064-t Firmware 2018-06-18 7.5 HIGH 9.8 CRITICAL
A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. In addition, its web management page relies on the existence or values of cookies when performing security-critical operations. One can gain privileges by modifying cookies.
CVE-2018-9111 1 Foxconn 2 Ap-fc4064-t, Ap-fc4064-t Firmware 2018-06-13 3.5 LOW 5.4 MEDIUM
Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via the configuration of a user account. An attacker can execute arbitrary script on an unsuspecting user's browser.