5.3
CVE-2024-40750
- EPSS 0.1%
- Veröffentlicht 09.07.2024 20:15:12
- Zuletzt bearbeitet 30.06.2025 15:15:24
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Linksys Velop Pro 6E 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linksys ≫ Mx6200 Firmware Version1.0.8.215731
Linksys ≫ Mbe7000 Firmware Version1.0.10.215314
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.013 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | 1.8 | 3.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
|
CWE-312 Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
https://news.ycombinator.com/item?id=40917312
https://stackdiary.com/linksys-velop-routers-send-wi-fi-passwords-in-plaintext-to-us-servers/