GCVE - cpe:2.3:a:free:freebox_os:3.0.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:free:freebox_os:3.0.2:*:*:*:*:*:*:*

part: a version: 3.0.2 update: *

Vendor	Free (`6410cab4-060e-59bb-ba69-1b618589441d`)
Product	Freebox Os (`896117bd-4deb-5f95-9df5-f9b6bbb38b46`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-9405`	vulnerable	2026-06-03 14:34:26.826775	Details available A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code. Published: 2020-01-06T21:16:38.000Z Updated: 2024-08-06T13:40:25.043Z Open on db.gcve.eu Reference links http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html http://www.securityfocus.com/bid/74936 http://seclists.org/fulldisclosure/2015/Jun/1 http://www.securityfocus.com/archive/1/535660/100/0/threaded	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9382`	vulnerable	2026-06-03 14:34:26.782260	Details available Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation Published: 2020-01-13T13:42:07.000Z Updated: 2024-08-06T13:40:24.966Z Open on db.gcve.eu Reference links http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html http://www.securityfocus.com/bid/74936 http://seclists.org/fulldisclosure/2015/Jun/1	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.