1 results (0.002 seconds)
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2019-16340
https://notcve.org/view.php?id=CVE-2019-16340
21 Nov 2019 — Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI. Los dispositivos Belkin Linksys Velop versión 1.1.8.192419, permiten a atacantes remotos detectar la clave de recuperación mediante una petición directa para el URI /sysinfo_json.cgi. • http://s3.amazonaws.com/downloads.linksys.com/support/assets/releasenotes/WHW03_A03_Velop_Customer_Release_Notes_1.1.9.195026.txt • CWE-425: Direct Request ('Forced Browsing') •