Vulnerability CVE-2002-1810


Published: 2002-12-31   Modified: 2012-02-12

Description:
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
D-link -> Dwl-900ap+ 

 References:
http://www.securityfocus.com/bid/6015
http://www.iss.net/security_center/static/10424.php

Copyright 2021, cxsecurity.com

 

Back to Top