Overview
- Description
- Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could allow a remote attacker to retrieve all the week's logs stored in the 'log2' directory. An attacker could retrieve sensitive information such as remembered wifi networks, sent messages, SOS device locations and device configurations.
- Source
- cve-coordination@incibe.es
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:reachfargps:reachfar_gps:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2791B085-7B96-40BD-B133-0175B19809AC"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:reachfargps:reachfar_gps_firmware:28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A968B88-4FD1-48E6-9C2D-F1D8DC867511"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]