CVE-2023-41010

MEDIUM

China Telecom Tianyi Home Gateway v.TEWA-700G - Info Disclosure

Title source: llm

Description

Insecure Permissions vulnerability in Sichuan Tianyi Kanghe Communication Co., Ltd China Telecom Tianyi Home Gateway v.TEWA-700G allows a local attacker to obtain sensitive information via the default password parameter.

References (1)

[Exploit, Third Party Advisory] https://github.com/te5tb99/For-submitting/wiki/China-Telecom-Tianyi-Home-Gateway-TEWA%E2%80%90700G

Scores

CVSS v3 5.5

EPSS 0.0005

EPSS Percentile 16.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522

Status published

Affected Products (1)

tianyisc/tewa-700g_firmware

Timeline

Published Sep 14, 2023

Tracked Since Feb 18, 2026