CVE-2020-13860

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account mofidev generates a predictable six-digit password.

Summary:

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account mofidev generates a predictable six-digit password.

Reference Links(if available):

  • https://www.criticalstart.com/critical-vulnerabilities-discovered-in-mofi-routers/
  • https://mofinetwork.com/index.php?main_page=page&id=14
  • CVSS Score (if available)

    v2: / HIGH

    v3: /

    Links to Exploits(if available)