| Title | Multilaser Sirius RE016 MLT1.0 Information Disclosure |
|---|
| Description | This vulnerability allows unauthorized disclosure of administrative credentials from the Multilaser Sirius RE016 router via the /cgi-bin/cstecgi.cgi endpoint. A remote attacker can obtain the administrator’s username and password without authentication, exposing the device to severe security risks such as full router takeover, traffic interception, and internal network attacks. |
|---|
| Source | ⚠️ https://github.com/DefaultCh40s/RE016/blob/main/re016.py |
|---|
| User | DefaultCh40s (UID 85145) |
|---|
| Submission | 05/24/2025 22:22 (1 Year ago) |
|---|
| Moderation | 06/01/2025 13:11 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 310769 [Multilaser Sirius RE016 MLT1.0 /cgi-bin/cstecgi.cgi information disclosure] |
|---|
| Points | 19 |
|---|