Want to get paid for a vulnerability similar to this one?
Contact us at: firstname.lastname@example.org
See our full scope at: https://blogs.securiteam.com/index.php/product_scope
The following advisory describes four (4) vulnerabilities found in Livebox Fibra router version AR_LBFIBRA\_sp-00.03.04.112S. It is possible to chain the vulnerabilities into remote code execution.
The “Livebox Fibra” router is “manufactured by Arcadyan for Orange and Jazztel in Spain”
The vulnerabilities found in Arcadyan routers are:
- Unauthenticated configuration information leak
- Hard-coded credentials
- Memory leak
- Stack buffer Overflow
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
Arcadyan and Orange were informed of the vulnerabilities and patched them.
Continue reading SSD Advisory – Livebox Fibra (Orange Router) Multiple Vulnerabilities