CVE-2017-14269

CVE-2017-14269

EPSS 1.6%

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://blog.jameshemmings.co.uk/2017/08/24/ee-4gee-mobile-wifi-router-multiple-security-vulnerabilities-writeup http://seclists.org/fulldisclosure/2017/Sep/13