PT-2006-3819 · D Link · D-Link Wireless Access-Point

Wendel Guglielmetti Henrique

Published

2006-06-07

Updated

2018-10-18

CVE-2006-2901

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions D-Link Wireless Access-Point (DWL-2100ap) versions 2.10na and earlier

Description The issue allows remote attackers to obtain sensitive system information, including passwords, by requesting an arbitrary .cfg file from the web server. This provides configuration information.

Recommendations For D-Link Wireless Access-Point (DWL-2100ap) versions 2.10na and earlier, consider restricting access to the web server to minimize the risk of exploitation. Avoid using the web server to store sensitive configuration information until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-2901

Affected Products

D-Link Wireless Access-Point

PT-2006-3819 · D Link · D-Link Wireless Access-Point

CVE-2006-2901

Related Identifiers

Affected Products

References · 13