CVE-2006-2901

Currently unrated

Key Information:

Vendor: D-link
Status: Dwl-2100ap
Vendor: CVE Published:; 7 June 2006

Summary

The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/436281/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 7, 2006
Vulnerability Reserved
Jun 7, 2006