Vulnerability Details CVE-2019-7404
An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated user can read a log file via an HTTP request containing its full pathname, such as http://192.168.0.1/var/gapm7100_${today's_date}.log for reading a filename such as gapm7100_190101.log.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-7404
-
cpe:2.3:h:lg:gamp-7100:-
-
cpe:2.3:h:lg:gapm-7200:-
-
cpe:2.3:h:lg:gapm-8000:-
-
cpe:2.3:o:lg:gamp-7100_firmware:-
-
cpe:2.3:o:lg:gapm-7200_firmware:-
-
cpe:2.3:o:lg:gapm-8000_firmware:-