CVE-2009-2274

2009-07-0112:26:00

mitre

www.cve.org

6.2 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.0%

JSON

The Huawei D100 allows remote attackers to obtain sensitive information via a direct request to (1) lan_status_adv.asp, (2) wlan_basic_cfg.asp, or (3) lancfg.asp in en/, related to use of JavaScript to protect against reading file contents.

References

secunia.com/advisories/35638

www.securityfocus.com/archive/1/504645/100/0/threaded