CVE advisoryCRITICAL
CVE-2021-27715
MoFi Router Authentication Bypass and Code Execution
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
An authentication bypass vulnerability in MoFi network devices allows unauthenticated attackers to execute arbitrary code via a crafted HTTP request. If reachable, this could lead to unauthorized access and compromise of the device and potentially the network it serves.