CVE-2018-20008

Name of the Vulnerable Software and Affected Versions iBall Baton iB-WRB302N version 20122017

Description The issue concerns improper access control over the UART interface, allowing physical attackers to access sensitive information. This includes discovering Wi-Fi credentials in plain text and the web-console password in base64 via the debugging console.

Recommendations For iBall Baton iB-WRB302N version 20122017, as a temporary workaround, consider restricting physical access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.