Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for Fios Quantum Gateway (G1100) by Verizon

    CVE-2019-3916 (GCVE-0-2019-3916)

    Vulnerability from nvd – Published: 2019-04-11 14:12 – Updated: 2024-08-04 19:26
    VLAI
    Summary
    Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).
    Severity
    No CVSS data available.
    CWE
    • Password Salt Information Disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Verizon Fios Quantum Gateway (G1100) Affected: Firmware version 02.01.00.05
    Create a notification for this product.
    Date Public
    2019-04-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:26:27.582Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fios Quantum Gateway (G1100)",
              "vendor": "Verizon",
              "versions": [
                {
                  "status": "affected",
                  "version": "Firmware version 02.01.00.05"
                }
              ]
            }
          ],
          "datePublic": "2019-04-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Password Salt Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-11T14:12:44.000Z",
            "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
            "shortName": "tenable"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-17"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnreport@tenable.com",
              "ID": "CVE-2019-3916",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fios Quantum Gateway (G1100)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Firmware version 02.01.00.05"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Verizon"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Password Salt Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-17",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-17"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "assignerShortName": "tenable",
        "cveId": "CVE-2019-3916",
        "datePublished": "2019-04-11T14:12:44.000Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:26:27.582Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3915 (GCVE-0-2019-3915)

    Vulnerability from nvd – Published: 2019-04-11 13:59 – Updated: 2024-08-04 19:26
    VLAI
    Summary
    Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface.
    Severity
    No CVSS data available.
    CWE
    • Login Replay
    Assigner
    References
    Impacted products
    Vendor Product Version
    Verizon Fios Quantum Gateway (G1100) Affected: Firmware version 02.01.00.05
    Create a notification for this product.
    Date Public
    2019-04-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:26:27.754Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-17"
              },
              {
                "name": "107883",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107883"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fios Quantum Gateway (G1100)",
              "vendor": "Verizon",
              "versions": [
                {
                  "status": "affected",
                  "version": "Firmware version 02.01.00.05"
                }
              ]
            }
          ],
          "datePublic": "2019-04-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Login Replay",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-12T10:06:00.000Z",
            "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
            "shortName": "tenable"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-17"
            },
            {
              "name": "107883",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107883"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnreport@tenable.com",
              "ID": "CVE-2019-3915",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fios Quantum Gateway (G1100)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Firmware version 02.01.00.05"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Verizon"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Login Replay"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-17",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-17"
                },
                {
                  "name": "107883",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107883"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "assignerShortName": "tenable",
        "cveId": "CVE-2019-3915",
        "datePublished": "2019-04-11T13:59:46.000Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:26:27.754Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3914 (GCVE-0-2019-3914)

    Vulnerability from nvd – Published: 2019-04-11 13:53 – Updated: 2024-08-04 19:26
    VLAI Shadowserver
    Summary
    Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname.
    Severity
    No CVSS data available.
    CWE
    • Authenticated Command Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Verizon Fios Quantum Gateway (G1100) Affected: Firmware version 02.01.00.05
    Create a notification for this product.
    Date Public
    2019-04-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:26:27.491Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fios Quantum Gateway (G1100)",
              "vendor": "Verizon",
              "versions": [
                {
                  "status": "affected",
                  "version": "Firmware version 02.01.00.05"
                }
              ]
            }
          ],
          "datePublic": "2019-04-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authenticated Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-11T13:53:37.000Z",
            "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
            "shortName": "tenable"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-17"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnreport@tenable.com",
              "ID": "CVE-2019-3914",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fios Quantum Gateway (G1100)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Firmware version 02.01.00.05"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Verizon"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authenticated Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-17",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-17"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "assignerShortName": "tenable",
        "cveId": "CVE-2019-3914",
        "datePublished": "2019-04-11T13:53:37.000Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:26:27.491Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3916 (GCVE-0-2019-3916)

    Vulnerability from cvelistv5 – Published: 2019-04-11 14:12 – Updated: 2024-08-04 19:26
    VLAI
    Summary
    Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).
    Severity
    No CVSS data available.
    CWE
    • Password Salt Information Disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Verizon Fios Quantum Gateway (G1100) Affected: Firmware version 02.01.00.05
    Create a notification for this product.
    Date Public
    2019-04-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:26:27.582Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fios Quantum Gateway (G1100)",
              "vendor": "Verizon",
              "versions": [
                {
                  "status": "affected",
                  "version": "Firmware version 02.01.00.05"
                }
              ]
            }
          ],
          "datePublic": "2019-04-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Password Salt Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-11T14:12:44.000Z",
            "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
            "shortName": "tenable"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-17"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnreport@tenable.com",
              "ID": "CVE-2019-3916",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fios Quantum Gateway (G1100)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Firmware version 02.01.00.05"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Verizon"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Password Salt Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-17",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-17"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "assignerShortName": "tenable",
        "cveId": "CVE-2019-3916",
        "datePublished": "2019-04-11T14:12:44.000Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:26:27.582Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3915 (GCVE-0-2019-3915)

    Vulnerability from cvelistv5 – Published: 2019-04-11 13:59 – Updated: 2024-08-04 19:26
    VLAI
    Summary
    Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface.
    Severity
    No CVSS data available.
    CWE
    • Login Replay
    Assigner
    References
    Impacted products
    Vendor Product Version
    Verizon Fios Quantum Gateway (G1100) Affected: Firmware version 02.01.00.05
    Create a notification for this product.
    Date Public
    2019-04-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:26:27.754Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-17"
              },
              {
                "name": "107883",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107883"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fios Quantum Gateway (G1100)",
              "vendor": "Verizon",
              "versions": [
                {
                  "status": "affected",
                  "version": "Firmware version 02.01.00.05"
                }
              ]
            }
          ],
          "datePublic": "2019-04-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Login Replay",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-12T10:06:00.000Z",
            "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
            "shortName": "tenable"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-17"
            },
            {
              "name": "107883",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107883"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnreport@tenable.com",
              "ID": "CVE-2019-3915",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fios Quantum Gateway (G1100)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Firmware version 02.01.00.05"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Verizon"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Login Replay"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-17",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-17"
                },
                {
                  "name": "107883",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107883"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "assignerShortName": "tenable",
        "cveId": "CVE-2019-3915",
        "datePublished": "2019-04-11T13:59:46.000Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:26:27.754Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3914 (GCVE-0-2019-3914)

    Vulnerability from cvelistv5 – Published: 2019-04-11 13:53 – Updated: 2024-08-04 19:26
    VLAI Shadowserver
    Summary
    Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname.
    Severity
    No CVSS data available.
    CWE
    • Authenticated Command Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Verizon Fios Quantum Gateway (G1100) Affected: Firmware version 02.01.00.05
    Create a notification for this product.
    Date Public
    2019-04-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:26:27.491Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2019-17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fios Quantum Gateway (G1100)",
              "vendor": "Verizon",
              "versions": [
                {
                  "status": "affected",
                  "version": "Firmware version 02.01.00.05"
                }
              ]
            }
          ],
          "datePublic": "2019-04-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authenticated Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-11T13:53:37.000Z",
            "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
            "shortName": "tenable"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-17"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnreport@tenable.com",
              "ID": "CVE-2019-3914",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fios Quantum Gateway (G1100)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Firmware version 02.01.00.05"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Verizon"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authenticated Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tenable.com/security/research/tra-2019-17",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2019-17"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "assignerShortName": "tenable",
        "cveId": "CVE-2019-3914",
        "datePublished": "2019-04-11T13:53:37.000Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:26:27.491Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }