CVE-2019-7404

An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated user can read a log file via an HTTP request containing its full pathname, such as http://192.168.0.1/var/gapm7100_${today's_date}.log for reading a filename such as gapm7100_190101.log.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:lg:gamp-7100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:gamp-7100:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:lg:gapm-7200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:gapm-7200:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:lg:gapm-8000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:gapm-8000:-:*:*:*:*:*:*:*

Information

Published : 2019-05-13 07:29

Updated : 2021-07-21 04:39


NVD link : CVE-2019-7404

Mitre link : CVE-2019-7404


JSON object : View

CWE
CWE-306

Missing Authentication for Critical Function

Advertisement

dedicated server usa

Products Affected

lg

  • gamp-7100
  • gapm-7200
  • gapm-8000
  • gapm-8000_firmware
  • gapm-7200_firmware
  • gamp-7100_firmware