exploitDog

GHSA-p5fq-87jh-gjq8

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).

Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).

Ссылки

EPSS

Процентиль: 76%

0.00961

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-425

Связанные уязвимости

CVE-2019-3916

CVSS3: 7.5

nvd

почти 7 лет назад

Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).

EPSS

Процентиль: 76%

0.00961

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-425