Submit #316276: Keenetic Omni Router, Carrier Router, Viva Router, Ultra Router, Ultra II Router, Giga Router * 4.1.2.15/4.1.2.14/4.0.2.215/3.7.77/3.5.68/1.6.49 Information Disclosureinfo

TitleKeenetic Omni Router, Carrier Router, Viva Router, Ultra Router, Ultra II Router, Giga Router * 4.1.2.15/4.1.2.14/4.0.2.215/3.7.77/3.5.68/1.6.49 Information Disclosure
DescriptionThe Keenetic Router was found to expose sensitive configuration details through JavaScript files ndmComponents.js and version.js. These files include detailed information about enabled components and system version, hardware ID, and operational modes which can be leveraged by an attacker to gain insights into the system configuration without authentication and potentially exploit specific vulnerabilities or misconfigurations, affecting over 387,000 devices on the Internet.
Source⚠️ https://netsecfish.notion.site/Information-Disclosure-in-Keenetic-Router-d4a12a499cef4acf80e191bdaf20c151?pvs=4
User
 netsecfish (UID 64568)
Submission04/14/2024 14:55 (2 years ago)
Moderation04/20/2024 15:51 (6 days later)
StatusAccepted
VulDB entry261674 [Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 up to 4.1.2.15 Version Data /version.js information disclosure]
Points17

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!