3 matches found
CVE-2020-35755
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luciservice Read NVRAM Direct Access Information Leak. The luciservice deamon running on port 7777 provides a sub-category of commands for which Read is prepended. Commands in this category are able to directly read the...
CVE-2020-35756
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luciservice GETPASS Configuration Password Information Leak. The luciservice daemon running on port 7777 does not require authentication to return the device configuration password in cleartext when using the GETPASS...
CVE-2020-35758
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a Authentication Bypass in the Web Interface. This interface does not properly restrict access to internal functionality. Despite presenting a password login page on first access, authentication is not required to access...