Overview
- Description
- The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent in cleartext, allowing an attacker to sniff and intercept traffic to learn the administrative credentials to the router.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- CWE-319
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arcadyan:vrv9506jac23_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10232C4C-22AA-4364-BFFB-A239208DBD60"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arcadyan:vrv9506jac23:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F08F2A89-1668-420F-BA65-2D241D986A14"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]