CVE-2017-9134 in Client Radiosinformation

Résumé (Anglaise)

An information-leakage issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. There is a page in the web interface that will show you the device's serial number, regardless of whether or not you have logged in. This information-leakage issue is relevant because there is another page (accessible without any authentication) that allows you to remotely factory reset the device simply by entering the serial number.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Réserver

21/05/2017

Divulgation

21/05/2017

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
101542Mimosa Client Radios/Backhaul Radios Web divulgation d'information200Non définiCorrectif officielCVE-2017-9134

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

PrécédentAperçuSuivant