Posted by Gergely Eberhardt on Jul 25

Ubee EVW3226 modem/router multiple vulnerabilities
————————————————–

Platforms / Firmware confirmed affected:
– Ubee EVW3226, 1.0.20
– Product page: http://www.ubeeinteractive.com/products/cable/evw3226

Vulnerabilities
—————
Insecure session management
The web interface does not use cookies at all. If admin login is
successful, the IP address of the admin user is stored and everybody can
access the…