CVE-2019-3915

HIGH

Verizon Fios Quantum Gateway G1100 Firmware - Authentication Bypass

Title source: rule

Description

Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface.

References (2)

[Third Party Advisory] https://www.tenable.com/security/research/tra-2019-17

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/107883

Scores

CVSS v3 7.5

EPSS 0.0021

EPSS Percentile 43.6%

Attack Vector ADJACENT_NETWORK

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-294

Status published

Products (1)

verizon/fios_quantum_gateway_g1100_firmware 02.01.00.05

Published Apr 11, 2019

Tracked Since Feb 18, 2026