Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).
References
Link | Resource |
---|---|
https://www.tenable.com/security/research/tra-2019-17 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: tenable
Published: 2019-04-11T14:12:44
Updated: 2019-04-11T14:12:44
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3916
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-04-11T15:29:00.543
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-3916
JSON object: View
Redhat Information
No data.
CWE