Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints provide a means of provisioning a firmware update for the device via crtc_fw_upgrade or crtcfwimage. The URL provided is not validated, and thus allows for arbitrary file upload to the device. This occurs in /lib/lua/luci/crtc.lua (IDU) and /lib/functions/wnc_jsonsh/wnc_crtc_fw.sh (ODU).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Verizon 5G Home LVSKIHP 代码问题漏洞
Vulnerability Description
Verizon 5G Home LVSKIHP是美国Verizon公司的一款一体化集成调制解调器和路由器。可提供对 Verizon Wireless 5G 无线家庭互联网服务的访问。 Verizon 5G Home LVSKIHP InDoorUnit(IDU)3.4.66.162版本和OutDoorUnit(ODU)3.33.101.0版本设备存在安全漏洞,该漏洞源于CRTC和ODU RPC端点提供了一种通过crtc_fw_upgrade或crtcfwimage为设备提供固件更新的方法。提供的URL没有
CVSS Information
N/A
Vulnerability Type
N/A