CVE-2008-1262

Airspan WiMax ProST 4.1-6.5.38.0 - Auth Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1262. PoCs published by Francis Lacoste-Cordeau.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in Airspan ProST WiMAX devices by sending a crafted POST request to the web interface, allowing unauthorized access to the device's configuration.

Description

The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not verify authentication credentials, which allows remote attackers to (1) upload malformed firmware or (2) bind the antenna to a different WiMAX base station via unspecified requests to forms under process_adv/.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Francis Lacoste-Cordeau · textremotehardware

https://www.exploit-db.com/exploits/31342

View Code ZIP pw:eip

This exploit demonstrates an authentication bypass vulnerability in Airspan ProST WiMAX devices by sending a crafted POST request to the web interface, allowing unauthorized access to the device's configuration.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Airspan ProST WiMAX device

No auth needed

Prerequisites: Network access to the target device · Knowledge of the target device's IP address

MITRE ATT&CK