Primary

Context

Multilaser Sirius RE016 Information Disclosure Vulnerability in cstecgi.cgi

Vulnerability

An information disclosure vulnerability has been identified in the Multilaser Sirius RE016 model, specifically in the file '/cgi-bin/cstecgi.cgi'. This vulnerability allows for unauthorized access to sensitive information and can be exploited remotely.

Impact

Exploitation of this vulnerability leads to unauthorized information disclosure.

Reproduction

The vulnerability can be reproduced by sending a POST request to '/cgi-bin/cstecgi.cgi' with a payload requesting 'setting/getLoginCfg'. If successful, the response will contain the login credentials.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Multilaser Sirius RE016 Information Disclosure Vulnerability in cstecgi.cgi

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating