Aggregates CVE and security vulnerability intelligence across all free-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk csrf and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-24375 | A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3. | [email protected] | 6.5 | 0.30% | 2020-10-19 | 2024-11-21 |
| CVE-2020-24377 | A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3. | [email protected] | 9.6 | 0.48% | 2020-09-16 | 2024-11-21 |
| CVE-2020-24376 | A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3. | [email protected] | 9.6 | 0.48% | 2020-09-16 | 2024-11-21 |
| CVE-2020-24374 | A DNS rebinding vulnerability in Freebox v5 before 1.5.29. | [email protected] | 9.6 | 0.48% | 2020-09-16 | 2024-11-21 |
| CVE-2020-24373 | A CSRF vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3. | [email protected] | 8.8 | 0.17% | 2020-09-16 | 2024-11-21 |
| CVE-2014-9382 | Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation | [email protected] | 6.5 | 0.29% | 2020-01-13 | 2024-11-21 |
| CVE-2014-9405 | A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code. | [email protected] | 5.4 | 0.58% | 2020-01-06 | 2024-11-21 |