CVE-2009-4197

rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in multiple scripts in Forms/ in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 allow remote attackers to inject arbitrary web script or HTML via the 1 BackButton parameter to error1; 2 wzConnFlag parameter to freshpppoe1; 3...

CVE-2009-4197

Vulnerability CVE-2009-4197 affects Huawei MT882 devices (ARG-T, firmware 3.7.9.98; V100R002B020). The issue is a web form (rpwizPppoe.htm) that does not disable the password field autocomplete, enabling local or physically proximate attackers to obtain passwords via browsers that support autocom...

CVE-2009-4196

Multiple cross-site scripting XSS vulnerabilities in multiple scripts in Forms/ in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 allow remote attackers to inject arbitrary web script or HTML via the 1 BackButton parameter to error1; 2 wzConnFlag parameter to freshpppoe1; 3...

CVE-2009-4196

CVE-2009-4196 describes multiple cross-site scripting (XSS) vulnerabilities in Huawei MT882 firmware (ARG-T, V100R002B020, 3.7.9.98). The vulnerabilities enable remote attackers to inject arbitrary web script or HTML via a long list of parameters across several scripts (e.g., error_1, fresh_pppoe...