cve/CVE-2018-20377.md at 410e68ca9dddb67493d84ae4fe8e1a9e392594db

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 17:22:02 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Orange Livebox 00.96.320S devices allow remote attackers to discover Wi-Fi credentials via /get_getnetworkconf.cgi on port 8080, leading to full control if the admin password equals the Wi-Fi password or has the default admin value. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T VR9 1.2.

POC

Reference

https://github.com/zadewg/LIVEBOX-0DAY
https://github.com/zadewg/LIVEBOX-0DAY

Github

https://github.com/HimmelAward/Goby_POC
https://github.com/Z0fhack/Goby_POC
https://github.com/angristan/awesome-stars
https://github.com/oski02/NSE
https://github.com/pawamoy/stars
https://github.com/zadewg/LIVEBOX-0DAY

1.0 KiB Raw Blame History

CVE-2018-20377

Description

POC

Reference

Github

1.0 KiB

Raw Blame History