Remote Information Disclosure in D-Link Wireless Access Point
CVE-2006-2901

Currently unrated

Key Information:

Vendor: D-link
Status: Dwl-2100ap
Vendor: CVE Published:; 7 June 2006

Summary

The D-Link Wireless Access Point, specifically the DWL-2100ap with firmware version 2.10na and prior, is susceptible to a remote information disclosure vulnerability. This security flaw allows an attacker to gain unauthorized access to sensitive system information by sending requests to arbitrary configuration (.cfg) files, which can reveal critical data including passwords and other configuration settings. Such exposure can lead to unauthorized management of the device, posing risks to the security and integrity of the network.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/436281/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 7, 2006
Vulnerability Reserved
Jun 7, 2006