CVE-2017-17463

Vivo modems allow remote attackers to obtain sensitive information by reading the index.cgi?page=wifi HTML source code, as demonstrated by ssid and psk_wepkey fields.
References
Link Resource
https://github.com/mateeuslinno/viv0n Third Party Advisory
https://github.com/mateeuslinno/viv0n Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:vivo:modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:vivo:modem:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:17

Type Values Removed Values Added
References () https://github.com/mateeuslinno/viv0n - Third Party Advisory () https://github.com/mateeuslinno/viv0n - Third Party Advisory

Information

Published : 2017-12-08 05:29

Updated : 2024-11-21 03:17


NVD link : CVE-2017-17463

Mitre link : CVE-2017-17463

CVE.ORG link : CVE-2017-17463


JSON object : View

Products Affected

vivo

  • modem_firmware
  • modem
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor