Remote Information Disclosure Vulnerability in Vivo Modems
CVE-2017-17463

7.5HIGH

Key Information:

Vendor: Vivo
Status: Modem Firmware
Vendor: CVE Published:; 8 December 2017

Summary

Vivo modems have a vulnerability that allows remote attackers to reveal sensitive information through improper handling of HTML source code. By accessing the 'index.cgi?page=wifi', attackers can extract critical data, including the network SSID and WEP key, compromising the integrity of the wireless network. This vulnerability poses significant risks to users, making it essential for companies and individuals to secure their devices against such exploitation.

References

https://github.com/mateeuslinno/viv0n

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 8, 2017