ID
VAR-E-201904-0213
CVE
| cve_id: | CVE-2019-3915 | Trust: 0.3 |
sources:
BID: 107883
TITLE
Verizon Fios Quantum Gateway CVE-2019-3915 Command Injection Vulnerability
Trust: 0.3
sources:
BID: 107883
DESCRIPTION
Verizon Fios Quantum Gateway is prone to a command-injection vulnerability.
An attacker can exploit this issue to execute arbitrary commands with root privileges ; this may aid in further attacks.
Verizon Fios Quantum Gateway 02.01.00.05 is vulnerable; other versions may also be affected.
Trust: 0.3
sources:
BID: 107883
AFFECTED PRODUCTS
| vendor: | verizon | model: | fios quantum gateway | scope: | eq | version: | 02.01.00.05 | Trust: 0.3 |
| vendor: | verizon | model: | fios quantum gateway | scope: | ne | version: | 02.02.00.13 | Trust: 0.3 |
sources:
BID: 107883
EXPLOIT
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
Trust: 0.3
sources:
BID: 107883
PRICE
Free
Trust: 0.3
sources:
BID: 107883
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 107883
CREDITS
Chris Lyne
Trust: 0.3
sources:
BID: 107883
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-3915 | Trust: 0.3 |
| db: | BID | id: | 107883 | Trust: 0.3 |
sources:
BID: 107883
REFERENCES
| url: | http://www.verizonwireless.com/ | Trust: 0.3 |
| url: | https://medium.com/tenable-techblog/verizon-fios-router-authenticated-command-injection-f6d2ddec30fd | Trust: 0.3 |
sources:
BID: 107883
SOURCES
| db: | BID | id: | 107883 |
LAST UPDATE DATE
2022-07-27T09:44:34.146000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 107883 | date: | 2019-04-09T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 107883 | date: | 2019-04-09T00:00:00 |