vodafone CVE Vulnerabilities & CVE List (3)

Products (CPE): — CVEs: 3

vodafone vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to vodafone, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 13 of 3 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2022-4985 Vodafone H500s devices running firmware v3.5.10 (hardware model Sercomm VFH500) expose the WiFi access point password via an unauthenticated HTTP endpoint. By sending a crafted GET request to /data/activation.json with specific headers and cookies, a remote attacker can retrieve a JSON document that contains the wifi_password field. This allows an unauthenticated attacker to obtain the WiFi credentials and gain unauthorized access to the wireless network, compromising confidentiality of network [email protected] 8.7 0.40% 2025-11-14 2026-06-17
CVE-2014-6891 The Vodafone Avantaj Cepte (aka com.vodafone.avantajcepte.main) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. [email protected] 5.4 0.27% 2014-10-10 2026-06-16
CVE-2014-5932 The Vodafone Mobile@Work (aka com.mobileiron.vodafone.MIClient) application 6.0.0.1.12R for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. [email protected] 5.4 0.27% 2014-09-18 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence