Описание
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcore_get.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in plain text.
EPSS
Процентиль: 11%
0.00039
Низкий
7.5 High
CVSS3
Дефекты
CWE-201
Связанные уязвимости
CVSS3: 7.5
github
4 дня назад
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcore_get.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in plain text.
EPSS
Процентиль: 11%
0.00039
Низкий
7.5 High
CVSS3
Дефекты
CWE-201