b_banner.stm (aka the login page) on the Deutsche Telekom Speedport W500 DSL router allows remote attackers to obtain the logon password by reading the pwd field in the HTML source.
References
Configurations
History
No history.
Information
Published : 2008-03-10 17:44
Updated : 2024-02-28 11:01
NVD link : CVE-2008-1252
Mitre link : CVE-2008-1252
CVE.ORG link : CVE-2008-1252
JSON object : View
Products Affected
deutsche_telekom
- speedport_w500_dsl_router
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor