CVE-2006-2901

Name of the Vulnerable Software and Affected Versions D-Link Wireless Access-Point (DWL-2100ap) versions 2.10na and earlier

Description The issue allows remote attackers to obtain sensitive system information, including passwords, by requesting an arbitrary .cfg file from the web server. This provides configuration information.

Recommendations For D-Link Wireless Access-Point (DWL-2100ap) versions 2.10na and earlier, consider restricting access to the web server to minimize the risk of exploitation. Avoid using the web server to store sensitive configuration information until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.