CVE-2020-13856

Name of the Vulnerable Software and Affected Versions Mofi Network MOFI4500-4GXeLTE version 4.0.8-std

Description An issue was discovered where authentication is not required to download the support file, which contains sensitive information such as cleartext credentials and password hashes.

Recommendations For Mofi Network MOFI4500-4GXeLTE version 4.0.8-std, consider restricting access to the support file until a patch is available. As a temporary workaround, avoid downloading the support file to minimize the risk of exposing sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.