UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent.
References
Link | Resource |
---|---|
https://youtu.be/GOMLavacqSI | Exploit Third Party Advisory |
https://github.com/ideaengine007/RandomStuffs/blob/main/Version_Vulnerable.PNG | Third Party Advisory |
https://www.exploit-db.com/exploits/49075 | Exploit Third Party Advisory VDB Entry |
https://medium.com/@niteshsurana/424f0db73129 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2020-11-17 12:15
Updated : 2020-12-02 06:15
NVD link : CVE-2020-25988
Mitre link : CVE-2020-25988
JSON object : View
CWE
CWE-319
Cleartext Transmission of Sensitive Information
Products Affected
genexis
- platinum_4410_firmware
- platinum_4410