RSS   Vulnerabilities for 'WEFI'   RSS

2008-07-11
 
CVE-2008-3147

CWE-200
 

 
WeFi 3.2.1.4.1, when diagnostic mode is enabled, stores (1) WEP, (2) WPA, and (3) WPA2 access-point keys in (a) ClientWeFiLog.dat, (b) ClientWeFiLog.bak, and possibly (c) a certain .inf file under %PROGRAMFILES%\WeFi\Users\, and uses cleartext for the ClientWeFiLog files, which allows local users to obtain sensitive information by reading these files.

 


Copyright 2024, cxsecurity.com

 

Back to Top