Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the same password for the 2.4Ghz network and the administrative interface, by clicking a checkbox. When Remote Managment is enabled, these endpoints are exposed to the WAN.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Phicomm多款产品安全漏洞
Vulnerability Description
PHICOMM K2等都是中国斐讯(PHICOMM)公司的产品。PHICOMM K2是一款无线路由器。PHICOMM K3是一个双频千兆无线 WiFi 路由器。PHICOMM K3C是一个双频千兆无线 WiFi 路由器。 Phicomm 多款产品存在安全漏洞,该漏洞源于LocalClientList.asp接口访问限制不当。远程攻击者可利用该漏洞绕过安全限制,获取局域网设备的敏感信息,包括IP地址和MAC地址。该漏洞允许远程攻击者获得对其他受限制功能的未经授权访问。
CVSS Information
N/A
Vulnerability Type
N/A