PT-2009-6361 · Huawei · Huawei Mt882
Decodex01
·
Publicado
2009-12-04
·
Atualizado
2017-08-17
·
CVE-2009-4197
CVSS v2.0
4.7
Média
| Vetor | AV:L/AC:M/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Huawei MT882 V100R002B020 ARG-T version 3.7.9.98
Description
The issue concerns a form in rpwizPppoe.htm that does not disable the autocomplete setting for the
password parameter. This makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete.Recommendations
For version 3.7.9.98, consider disabling the autocomplete feature for the
password parameter in the rpwizPppoe.htm form to prevent easy access to the password.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Huawei Mt882