CVE-2019-3916

Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).
References
Link Resource
https://www.tenable.com/security/research/tra-2019-17 Third Party Advisory
Configurations

Configuration 1


Information

Published : 2019-04-11 03:29

Updated : 2020-08-24 05:37


NVD link : CVE-2019-3916

Mitre link : CVE-2019-3916

CWE
CWE-425

Direct Request ('Forced Browsing')