Описание
Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:verizon:fios_quantum_gateway_g1100_firmware:02.01.00.05:*:*:*:*:*:*:*
cpe:2.3:h:verizon:fios_quantum_gateway_g1100:-:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00961
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-425
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).
EPSS
Процентиль: 76%
0.00961
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-425