CVE-2009-2274

Currently unrated

Key Information:

Vendor: Huawei
Status: D100
Vendor: CVE Published:; 1 July 2009

Summary

The Huawei D100 allows remote attackers to obtain sensitive information via a direct request to (1) lan_status_adv.asp, (2) wlan_basic_cfg.asp, or (3) lancfg.asp in en/, related to use of JavaScript to protect against reading file contents.

References

http://www.securityfocus.com/archive/1/504645/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/35638

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jul 1, 2009
Vulnerability Reserved
Jul 1, 2009