CVE-2019-3914

Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname.
References
Link Resource
https://www.tenable.com/security/research/tra-2019-17 Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:verizon:fios_quantum_gateway_g1100_firmware:02.01.00.05:*:*:*:*:*:*:*
cpe:2.3:h:verizon:fios_quantum_gateway_g1100:-:*:*:*:*:*:*:*

Information

Published : 2019-04-11 07:29

Updated : 2020-08-24 10:37


NVD link : CVE-2019-3914

Mitre link : CVE-2019-3914


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

verizon

  • fios_quantum_gateway_g1100_firmware
  • fios_quantum_gateway_g1100