Nearly 19,500 Orange LiveBox ADSL modems are leaking WiFi credentials:

– vulnerability (CVE-2018-20377) allows a remote attacker to obtain the WiFi password and SSID for the modem's internal WiFi network just by accessing the modem's get_getnetworkconf.cgi
– nearly all modems are located in France and Spain
– see also

@infosechandbook @valere faille connue depuis 2015 quand même 🤔 🤪 ah Orange et sa réactivité 🤪 🤔 enfin son absence de réactivité 😂

Sign in to participate in the conversation

This instance was shut down on March 31st, 2020.