CVE-2013-2310

Softbank Wi-fi Spot Configuration Software - Authentication Bypass

Title source: rule

Description

SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi application before 1.7.1, SoftBank Windows Mobile smartphones with the WISPrClient application before 1.3.1, SoftBank Disney Mobile Android smartphones with the Wi-Fi application before 1.7.1, and WILLCOM Android smartphones with the Wi-Fi application before 1.7.1, does not properly connect to access points, which allows remote attackers to obtain sensitive information by leveraging access to an 802.11 network.

References (5)

[Third Party Advisory] http://jvn.jp/en/jp/JVN85371480/397327/index.html

[Third Party Advisory] http://jvn.jp/en/jp/JVN85371480/995319/index.html

[Third Party Advisory] http://jvn.jp/en/jp/JVN85371480/995417/index.html

[Third Party Advisory] http://jvn.jp/en/jp/JVN85371480/index.html

[Third Party Advisory] http://jvndb.jvn.jp/jvndb/JVNDB-2013-000039

Scores

EPSS 0.0020

EPSS Percentile 41.9%

Classification

CWE

CWE-287

Status draft

Affected Products (50)

softbank/wi-fi_spot_configuration_software

softbank/mobile_wi-fi_router

softbank/mobile_wi-fi_router

softbank/mobile_wi-fi_router

softbank/nec_3g_handset

softbank/nec_3g_handset

softbank/nec_3g_handset

softbank/panasonic_3g_handset

softbank/panasonic_3g_handset

softbank/panasonic_3g_handset

softbank/samsung_3g_handset

softbank/sharp_3g_handset

softbank/sharp_3g_handset

softbank/sharp_3g_handset

softbank/sharp_3g_handset

... and 35 more

Timeline

Published Jun 17, 2013

Tracked Since Feb 18, 2026