Unauthenticated Credential Theft via Crafted ESSID in PIX-Link Repeater/Router LV-WR09 (v28K.MiniRouter.20180616) Firmware

Unauthenticated Credential Theft via Crafted ESSID in PIX-Link Repeater/Router LV-WR09 (v28K.MiniRouter.20180616) Firmware

CVE-2019-11877 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

XSS on the PIX-Link Repeater/Router LV-WR09 with firmware v28K.MiniRouter.20180616 allows attackers to steal credentials without being connected to the network. The attack vector is a crafted ESSID.

Learn more about our Network Penetration Testing.