Required CVE Record Information
Description
The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords.
References 11 Total
- securityfocus.com: 20080301 The Router Hacking Challenge is Over! mailing-list
- securityfocus.com: 20060607 ADVISORY - D-Link Wireless Access-Point mailing-list
- http://www.gnucitizen.org/projects/router-hacking-challenge/
- secunia.com: 20474 third-party-advisory
- securityfocus.com: 18299 vdb-entry
- securitytracker.com: 1016234 vdb-entry
- exchange.xforce.ibmcloud.com: dlink-config-file-access(26973) vdb-entry
- http://www.intruders.com.br/adv0206en.html
- http://www.intruders.org.br/adv0206en.html
- securityreason.com: 1064 third-party-advisory
- vupen.com: ADV-2006-2186 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 11 Total
- securityfocus.com: 20080301 The Router Hacking Challenge is Over! mailing-listx_transferred
- securityfocus.com: 20060607 ADVISORY - D-Link Wireless Access-Point mailing-listx_transferred
- http://www.gnucitizen.org/projects/router-hacking-challenge/ x_transferred
- secunia.com: 20474 third-party-advisoryx_transferred
- securityfocus.com: 18299 vdb-entryx_transferred
- securitytracker.com: 1016234 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: dlink-config-file-access(26973) vdb-entryx_transferred
- http://www.intruders.com.br/adv0206en.html x_transferred
- http://www.intruders.org.br/adv0206en.html x_transferred
- securityreason.com: 1064 third-party-advisoryx_transferred
- vupen.com: ADV-2006-2186 vdb-entryx_transferred