Back to search
CVE-2018-20576
Published: Dec 28, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
Orange Livebox 00.96.320S devices allow cgi-bin/autodialing.exe and cgi-bin/phone_test.exe CSRF, leading to arbitrary outbound telephone calls to an attacker-specified telephone number. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T VR9 1.2.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://gbhackers.com/orange-adsl-modems/
x_refsource_MISC
https://github.com/zadewg/LIVEBOX-0DAY
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now