Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Configuration Interface framework, allows the undocumented system account mofidev to login to the cgi-bin/luci/quick/wizard management interface without a password by abusing a forgotten-password feature.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mofi Network MOFI-GXeLTE 安全漏洞
Vulnerability Description
Mofi Network MOFI4500-4GXeLTE是Mofi Network公司的一款无线路由器。 Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices 存在安全漏洞,该漏洞源于etc shadow的格式错误,加上LuCI-OpenWrt配置接口框架的逻辑错误,允许无文档记录的系统帐户mofidev通过滥用忘记密码功能无需密码就可以登录到cgi-bin LuCI快速向导管理界面。
CVSS Information
N/A
Vulnerability Type
N/A