Information Disclosure Vulnerability in Huawei D100 Router

CVE-2009-2274

Summary

The Huawei D100 router is susceptible to an information disclosure vulnerability that enables remote attackers to gain unauthorized access to sensitive data. This flaw arises from improper implementations in the router's configuration pages, specifically through direct requests to lan_status_adv.asp, wlan_basic_cfg.asp, and lancfg.asp. This can lead to potential exposure of confidential information, as the router relies on JavaScript for basic security measures that are insufficient against direct access attempts.

References