Lucene search
+L

CVE-2017-16887

🗓️ 12 Jan 2018 17:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 83 Views🌐 WEB

The FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 portal is vulnerable to unauthorized access, potentially leading to disclosure of the WLAN key/password

Related
Detection
Refs
Paths
NVD
Node
AND
ParameterPositionPathDescriptionCWE
router_usernamequery paramxml_action.cgi?method=get&module=duster&file=adminUnauthorized access to device admin credentials via SOAP-like admin endpoint.CWE-275
router_passwordquery paramxml_action.cgi?method=get&module=duster&file=adminUnauthorized access to device admin credentials via SOAP-like admin endpoint.CWE-275
hardware_versionquery paramxml_action.cgi?method=get&module=duster&file=status1Disclosure of device status and configuration via status endpoint.CWE-275
device_namequery paramxml_action.cgi?method=get&module=duster&file=status1Disclosure of device status and configuration via status endpoint.CWE-275
version_numquery paramxml_action.cgi?method=get&module=duster&file=status1Disclosure of device status and configuration via status endpoint.CWE-275
gatewayquery paramxml_action.cgi?method=get&module=duster&file=status1Disclosure of device status and configuration via status endpoint.CWE-275
ssidquery paramxml_action.cgi?method=get&module=duster&file=status1Disclosure of device status and configuration via status endpoint.CWE-275
dns1query paramxml_action.cgi?method=get&module=duster&file=status1Disclosure of device status and configuration via status endpoint.CWE-275
dns2query paramxml_action.cgi?method=get&module=duster&file=status1Disclosure of device status and configuration via status endpoint.CWE-275
IMEIquery paramxml_action.cgi?method=get&module=duster&file=status1Disclosure of device status and configuration via status endpoint.CWE-275
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation