Unauthenticated Log File Disclosure Vulnerability on LG GAMP-7100, GAPM-7200, and GAPM-8000 Routers

Unauthenticated Log File Disclosure Vulnerability on LG GAMP-7100, GAPM-7200, and GAPM-8000 Routers

CVE-2019-7404 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated user can read a log file via an HTTP request containing its full pathname, such as http://192.168.0.1/var/gapm7100_${today's_date}.log for reading a filename such as gapm7100_190101.log.

Learn more about our User Device Pen Test.