Vulnerabilities > CVE-2019-6279 - Unspecified vulnerability in Chinamobileltd Gpn2.4P21-C-Cn Firmware W2001En00

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

chinamobileltd

exploit available

NVD

Published: 2019-03-21

Updated: 2020-08-24

Summary

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have an Incorrect Access Control vulnerability via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password.

Vulnerable Configurations

Part	Description	Count
OS	Chinamobileltd Chinamobileltd Gpn2.4P21 C CN Firmware W2001En-00	1
Hardware	Chinamobileltd Chinamobileltd Gpn2.4P21 C CN -	1

Exploit-Db

file	exploits/hardware/webapps/46580.txt
id	EDB-ID:46580
last seen	2019-03-20
modified	2019-03-20
platform	hardware
port	80
published	2019-03-20
reporter	Exploit-DB
source	https://www.exploit-db.com/download/46580
title	PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control
type	webapps

Packetstorm

data source	https://packetstormsecurity.com/files/download/151274/plcwrgpn-access.txt
id	PACKETSTORM:151274
last seen	2019-01-29
published	2019-01-22
reporter	Kumar Saurav
source	https://packetstormsecurity.com/files/151274/PLC-Wireless-Router-GPN2.4P21-C-CN-Incorrect-Access-Control.html
title	PLC Wireless Router GPN2.4P21-C-CN Incorrect Access Control

data source	https://packetstormsecurity.com/files/download/152166/plcwrgpn2-access.txt
id	PACKETSTORM:152166
last seen	2019-03-21
published	2019-03-20
reporter	Kumar Saurav
source	https://packetstormsecurity.com/files/152166/PLC-Wireless-Router-GPN2.4P21-C-CN-Incorrect-Access-Control.html
title	PLC Wireless Router GPN2.4P21-C-CN Incorrect Access Control

Summary

Vulnerable Configurations

Exploit-Db

Packetstorm

References