CVE-2019-3914
published 2019-04-11CVE-2019-3914: Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute…
PriorityP276high7.2CVSS 3.0
AVNACLPRHUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
29.89%
98.0th percentile
Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| verizon | fios_quantum_gateway | — | — |
| verizon | fios_quantum_gateway_g1100_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Command injection is triggered by adding a firewall access control rule for a network object with a crafted hostname — monitor POST requests to the router's admin web interface that include firewall/ACL rule creation with anomalous or shell-metacharacter-containing hostname fields. ↗
- →Attack requires authenticated access to the device's administrative web application; monitor for unexpected admin logins, especially from external/internet-facing IPs when remote administration is enabled. ↗
- →Internet-based exploitation is feasible when remote administration is enabled on the G1100; Shodan data indicates 15,323 Verizon routers with Remote Administration exposed — flag any G1100 devices with remote admin enabled as high-risk. ↗
- →CVE-2019-3915 (Login Replay) can be chained as a precursor to CVE-2019-3914 exploitation — detect HTTP (non-HTTPS) login requests to the router admin interface on the local network segment, as these can be sniffed and replayed. ↗
- →Vulnerable firmware version is 02.01.00.05; patched version is 02.02.00.13 — inventory Verizon Fios Quantum Gateway (G1100) devices and flag any running firmware below 02.02.00.13. ↗
- ·Exploitation is limited to authenticated attackers; remote exploitation over the internet is only possible if Remote Administration is explicitly enabled (disabled by default). ↗
- ·CVE-2019-3916 allows unauthenticated retrieval of the password salt via a URL, which combined with sniffed SHA-512 salted login hashes enables offline dictionary attacks — this can lower the bar for achieving the authenticated access required for CVE-2019-3914. ↗
CVSS provenance
nvdv3.07.2HIGHCVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
vulncheck7.2HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-742j-rfqh-7886: Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02
ghsa_unreviewed·2022-05-13
CVE-2019-3914 [HIGH] CWE-78 GHSA-742j-rfqh-7886: Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02
Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname.
VulnCheck
verizon fios_quantum_gateway_g1100_firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
vulncheck·2019·CVSS 7.2
CVE-2019-3914 [HIGH] verizon fios_quantum_gateway_g1100_firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
verizon fios_quantum_gateway_g1100_firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname.
Affected: verizon fios_quantum_gateway_g1100_firmware
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-08-28&host_type=src&vulnerability=cve-2019-3914; https://dashboar
No detection rules found.
No public exploits indexed.
Tenable
Verizon Fios Quantum Gateway Routers Patched for Multiple Vulnerabilities
blogs_tenable·2019-04-09
Verizon Fios Quantum Gateway Routers Patched for Multiple Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
Verizon Fios Quantum Gateway Multiple Vulnerabilities
blogs_tenable·2019-04-09
Verizon Fios Quantum Gateway Multiple Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
New Vulnerabilities in Verizon Routers Expose Millions of Consumers, According to Tenable Research
blogs_tenable·2019-04-09·CVSS 7.2
[HIGH] New Vulnerabilities in Verizon Routers Expose Millions of Consumers, According to Tenable Research
## New Vulnerabilities in Verizon Routers Expose Millions of Consumers, According to Tenable Research
April 9, 2019
·
Columbia, MD
Threat actors could gain complete control of home routers and access to network traffic without needing physical access to the device
Tenable®, Inc. , the Cyber Exposure company, today announced that its research team has discovered multiple vulnerabilities in Verizon Fios Quantum Gateway routers. If exploited, the vulnerabilities would give an attacker complete control over the router and visibility into everything connected to it. Millions of these devices are currently in use in U.S. homes.
The rise of the smart home has turned the humble router into a top target for cybercriminals. These latest vulnerabilities discovered by Tenable Research (CVE-2019-39
2019-04-11
Published
Exploited in the wild