CVE-2019-3916

HIGH

Verizon Fios Quantum Gateway G1100 Firmware - Information Disclosure

Title source: rule

Description

Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).

References (1)

[Third Party Advisory] https://www.tenable.com/security/research/tra-2019-17

Scores

CVSS v3 7.5

EPSS 0.0096

EPSS Percentile 76.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-425

Status published

Products (1)

verizon/fios_quantum_gateway_g1100_firmware 02.01.00.05

Published Apr 11, 2019

Tracked Since Feb 18, 2026