Affected configuration(s):
cpe:/o:ee:4gee_wifi_mbb_firmware:ee60_00_05.00_25
Date published: 2017-09-11T05:29:00.857-04:00
Date last modified: 2017-09-15T11:03:38.813-04:00
CVSS Score: 5.0
Principal attack vector: NETWORK
Complexity: LOW
Reference URL: http://seclists.org/fulldisclosure/2017/Sep/13
Summary: EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content.