Arbitrary Configuration File Upload and Sensitive Information Disclosure in Livebox 1.1

Arbitrary Configuration File Upload and Sensitive Information Disclosure in Livebox 1.1

CVE-2014-3150 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

Livebox 1.1 allows remote authenticated users to upload arbitrary configuration files, download the configuration file, or obtain sensitive information via crafted Javascript.

Learn more about our User Device Pen Test.