Information exposure vulnerability on Technicolor CGA2121
CGA2121 version 1.0.1
INCIBE has coordinated the publication of a high severity vulnerability affecting the Technicolor CGA2121 router version 1.01, which has been discovered by Edmundo Figueiras Gomez.
This vulnerability have been assigned the following code, CVSS v3.1 base score, CVSS vector and the CWE vulnerability type of each vulnerability:
- CVE-2024-3780: 7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | CWE-200
It is recommended to check with your service provider for firmware updates that do not expose sensitive network information and/or applicable workarounds.
CVE-2024-3780: A vulnerability of Information Exposure has been found on Technicolor CGA2121 affecting the version 1.01, this vulnerability allows a local attacker to obtain sensitive information stored on the device such as wifi network's SSID and their respective passwords.
