Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luci_service Read_ NVRAM Direct Access Information Leak. The luci_service deamon running on port 7777 provides a sub-category of commands for which Read_ is prepended. Commands in this category are able to directly read the contents of the device configuration NVRAM. The NVRAM contains sensitive information, such as the Wi-Fi password (in cleartext), as well as connected account tokens for services such as Spotify.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Libre Wireless LS9 访问控制错误漏洞
Vulnerability Description
Libre Wireless LS9是美国Libre Wireless公司的一个网络设备。 Libre Wireless LS9 LS1.5/p7040 devices. 存在访问控制错误漏洞,该漏洞源于运行在端口7777上的luci服务守护程序提供了一个带有Read前缀的命令子类别。这类命令可以直接读取设备配置NVRAM的内容。NVRAM包含敏感信息,如Wi-Fi密码(明文),以及Spotify等服务的连接账户令牌。
CVSS Information
N/A
Vulnerability Type
N/A