exploitDog

CVE-2009-4197

Опубликовано: 04 дек. 2009

Источник: nvd

CVSS2: 4.7

EPSS Низкий

Описание

rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:huawei:mt882_v100t002b020_arg-t:firmware_3.7.9.98:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:a:huawei:mt882_modem_firmware:3.7.9.98:*:*:*:*:*:*:*

cpe:2.3:h:huawei:mt882_modem:v100r002b020_arg-t:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00137

Низкий

4.7 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-q7mr-fqfm-mhc9

github

почти 4 года назад

rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete.

EPSS

Процентиль: 34%

0.00137

Низкий

4.7 Medium

CVSS2

Дефекты

NVD-CWE-Other