Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
D-Link DWL-900AP+ TFTP服务器任意文件获取漏洞
Vulnerability Description
DWL-900AP+是一款由D-Link开发的WiFi/802.11b无线访问接入点系统。 DWL-900AP+包含未公开的TFTP服务程序,远程攻击者可以利用这个TFTP服务器获得设备敏感信息数据。 攻击者可以通过向TFTP服务器请求设备配置文件"config.img",就可以获得设备配置信息,包括: -HTTP用户接口的"admin"密码。 -WEP加密密钥。 -网络配置数据(地址,SSID等)。 这些数据以明文信息存在,通过这些数据,攻击者可能可以控制整个设备。 另外,通过访问请求TFTP服务器,还
CVSS Information
N/A
Vulnerability Type
N/A