CVE-2018-18376

goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.
References
Link Resource
https://github.com/remix30303/AirboxLeak Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:orange:airbox_firmware:y858_fl_01.16_04:*:*:*:*:*:*:*
cpe:2.3:h:orange:airbox:-:*:*:*:*:*:*:*

Information

Published : 2018-10-15 18:29

Updated : 2018-12-06 06:06


NVD link : CVE-2018-18376

Mitre link : CVE-2018-18376


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

orange

  • airbox_firmware
  • airbox