CVE-2002-1810

D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information.
References
Link Resource
http://online.securityfocus.com/archive/1/296374 Broken Link Third Party Advisory VDB Entry
http://www.iss.net/security_center/static/10424.php Broken Link
http://www.securityfocus.com/bid/6015 Broken Link Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:dlink:dwl-900ap\+_firmware:2.1:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dwl-900ap\+_firmware:2.2:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwl-900ap\+:-:*:*:*:*:*:*:*

History

14 Feb 2024, 17:25

Type Values Removed Values Added
CVSS v2 : 7.5
v3 : unknown
v2 : 7.5
v3 : 7.5
CWE NVD-CWE-Other CWE-306
First Time Dlink
Dlink dwl-900ap\+
Dlink dwl-900ap\+ Firmware
CPE cpe:2.3:h:d-link:dwl-900ap\+:2.2:*:*:*:*:*:*:*
cpe:2.3:h:d-link:dwl-900ap\+:2.1:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwl-900ap\+:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dwl-900ap\+_firmware:2.2:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dwl-900ap\+_firmware:2.1:*:*:*:*:*:*:*
References (BID) http://www.securityfocus.com/bid/6015 - (BID) http://www.securityfocus.com/bid/6015 - Broken Link, Third Party Advisory, VDB Entry
References (XF) http://www.iss.net/security_center/static/10424.php - (XF) http://www.iss.net/security_center/static/10424.php - Broken Link
References (BUGTRAQ) http://online.securityfocus.com/archive/1/296374 - (BUGTRAQ) http://online.securityfocus.com/archive/1/296374 - Broken Link, Third Party Advisory, VDB Entry

Information

Published : 2002-12-31 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2002-1810

Mitre link : CVE-2002-1810

CVE.ORG link : CVE-2002-1810


JSON object : View

Products Affected

dlink

  • dwl-900ap\+_firmware
  • dwl-900ap\+
CWE
CWE-306

Missing Authentication for Critical Function