Vulnerability CVE-2017-16887


Published: 2018-01-12

Description:
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services can result in disclosure of the WLAN key/password.

See advisories in our WLB2 database:
Topic
Author
Date
High
FiberHome LM53Q1 Multiple Vulnerabilities
Ibad Shah
08.01.2018

Type:

CWE-275

(Permission Issues)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Fiberhome -> Lm53q1 firmware 

 References:
http://seclists.org/fulldisclosure/2018/Jan/28
https://www.exploit-db.com/exploits/43460/

Copyright 2024, cxsecurity.com

 

Back to Top