9 matches found
CVE-2020-35756
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luciservice GETPASS Configuration Password Information Leak. The luciservice daemon running on port 7777 does not require authentication to return the device configuration password in cleartext when using the GETPASS...
CVE-2020-35755
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luciservice Read NVRAM Direct Access Information Leak. The luciservice deamon running on port 7777 provides a sub-category of commands for which Read is prepended. Commands in this category are able to directly read the...
CVE-2020-35756
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luciservice GETPASS Configuration Password Information Leak. The luciservice daemon running on port 7777 does not require authentication to return the device configuration password in cleartext when using the GETPASS...
Design/Logic Flaw
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luciservice Read NVRAM Direct Access Information Leak. The luciservice deamon running on port 7777 provides a sub-category of commands for which Read is prepended. Commands in this category are able to directly read the...
Design/Logic Flaw
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luciservice GETPASS Configuration Password Information Leak. The luciservice daemon running on port 7777 does not require authentication to return the device configuration password in cleartext when using the GETPASS...
CVE-2020-35756
Summary: CVE-2020-35756 affects Libre Wireless LS9 LS1.5/p7040 devices. The luci_service daemon on port 7777 accepts a GETPASS command without authentication and returns the device configuration password in cleartext, enabling unauthenticated access to leak the user’s configuration password. Affe...
CVE-2020-35756
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luciservice GETPASS Configuration Password Information Leak. The luciservice daemon running on port 7777 does not require authentication to return the device configuration password in cleartext when using the GETPASS...
CVE-2020-35755
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luciservice Read NVRAM Direct Access Information Leak. The luciservice deamon running on port 7777 provides a sub-category of commands for which Read is prepended. Commands in this category are able to directly read the...
CVE-2020-35755
CVE-2020-35755 affects Libre Wireless LS9 LS1.5/p7040 devices. The issue is a direct information leak via the luci_service daemon on port 7777, where a Read_ command category enables reading the device configuration NVRAM. This allows access to sensitive data stored in NVRAM, including the Wi‑Fi ...