CVE-2019-3916

Summary

Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).

Affected Software

VendorProductVersion RangeStatus
VerizonFios Quantum Gateway (G1100)Firmware version 02.01.00.05affected

Weaknesses

  • Password Salt Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References