Описание
The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:3com:3crwe454g72:1.0.2:*:*:*:*:*:*:*
cpe:2.3:h:3com:3crwe454g72:1.0.2.11:*:*:*:*:*:*:*
cpe:2.3:h:3com:3crwe454g72:1.0.3.5:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.0053
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.
EPSS
Процентиль: 67%
0.0053
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other