Verizon 5G Home LVSKIHP outside devices through 2022-02-15 allow anyone (knowing the device's serial number) to access a CPE admin website, e.g., at the 10.0.0.1 IP address. The password (for the verizon username) is calculated by concatenating the serial number and the model (i.e., the LVSKIHP string), running the sha256sum program, and extracting the first seven characters concatenated with the last seven characters of that SHA-256 value.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-04-03T03:27:43
Updated: 2024-08-03T05:56:15.219Z
Reserved: 2022-04-03T00:00:00
Link: CVE-2022-28376
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-04-03T04:15:08.177
Modified: 2024-11-21T06:57:14.777
Link: CVE-2022-28376
Redhat
No data.