CVE-2008-6824

The management interface on the A-LINK WL54AP3 and WL54AP2 access points has a blank default password for the admin account, which makes it easier for remote attackers to obtain access.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.louhinetworks.fi/advisory/alink_081028.txt	Exploit Patch
http://www.securityfocus.com/archive/1/497997/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/51199
https://www.exploit-db.com/exploits/6899
http://www.louhinetworks.fi/advisory/alink_081028.txt	Exploit Patch
http://www.securityfocus.com/archive/1/497997/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/51199
https://www.exploit-db.com/exploits/6899

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:a-link:wl54ap2::::::::
	cpe:2.3:h:a-link:wl54ap3::::::::

History

21 Nov 2024, 00:57

Type	Values Removed	Values Added
References	~~() http://www.louhinetworks.fi/advisory/alink_081028.txt - Exploit, Patch~~	() http://www.louhinetworks.fi/advisory/alink_081028.txt - Exploit, Patch
References	~~() http://www.securityfocus.com/archive/1/497997/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/497997/100/0/threaded -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/51199 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/51199 -
References	~~() https://www.exploit-db.com/exploits/6899 -~~	() https://www.exploit-db.com/exploits/6899 -

Information

Published : 2009-06-04 16:30

Updated : 2024-11-21 00:57

NVD link : CVE-2008-6824

Mitre link : CVE-2008-6824

CVE.ORG link : CVE-2008-6824

JSON object : View

Products Affected

a-link

wl54ap2
wl54ap3

CWE

CWE-310

Cryptographic Issues

{"id": "CVE-2008-6824", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-06-04T16:30:00.267", "references": [{"url": "http://www.louhinetworks.fi/advisory/alink_081028.txt", "tags": ["Exploit", "Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/497997/100/0/threaded", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51199", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/6899", "source": "cve@mitre.org"}, {"url": "http://www.louhinetworks.fi/advisory/alink_081028.txt", "tags": ["Exploit", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/497997/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51199", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/6899", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-310"}]}], "descriptions": [{"lang": "en", "value": "The management interface on the A-LINK WL54AP3 and WL54AP2 access points has a blank default password for the admin account, which makes it easier for remote attackers to obtain access."}, {"lang": "es", "value": "El gestor de interfaz en los puntos de acceso A-LINK WL54AP3 y WL54AP2 tiene una contrase\u00f1a blanca por defecto para la cuenta de administrador, lo que hace m\u00e1s f\u00e1cil a los atacantes remotos obtener acceso."}], "lastModified": "2024-11-21T00:57:33.200", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:a-link:wl54ap2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C573A32E-B957-421C-A749-825D0D506983"}, {"criteria": "cpe:2.3:h:a-link:wl54ap3:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09F83E29-D0BF-4EEF-A867-782D4A2BD48D"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}