Remote Information Disclosure in D-Link Wireless Access Point
CVE-2006-2901

Currently unrated

Key Information:

Vendor

D-link
Status
Dwl-2100ap
Vendor
CVE Published:
7 June 2006

What is CVE-2006-2901?

The D-Link Wireless Access Point, specifically the DWL-2100ap with firmware version 2.10na and prior, is susceptible to a remote information disclosure vulnerability. This security flaw allows an attacker to gain unauthorized access to sensitive system information by sending requests to arbitrary configuration (.cfg) files, which can reveal critical data including passwords and other configuration settings. Such exposure can lead to unauthorized management of the device, posing risks to the security and integrity of the network.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/436281/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.gnucitizen.org/projects/router-hacking-challenge/
x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2006-2901 : Remote Information Disclosure in D-Link Wireless Access Point