CVE-2003-1346

Current Description

D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager.

Basic Data

PublishedDecember 31, 2003
Last ModifiedJuly 29, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-264
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3HardwareD-linkDwl-900ap2.2*******
    2.3HardwareD-linkDwl-900ap2.3*******
    2.3HardwareD-linkDwl-900ap2.5*******

Vulnerable Software List

VendorProductVersions
D-link Dwl-900ap 2.2, 2.3, 2.5

References

NameSourceURLTags
20030114 D-Link DWL-900AP+ Security Holehttp://marc.info/?l=bugtraq&m=104267037431451&w=2BUGTRAQ
20030116 Re: D-Link DWL-900AP+ Security Holehttp://marc.info/?l=bugtraq&m=104311601319909&w=2BUGTRAQ
6609http://www.securityfocus.com/bid/6609BID
1005926http://www.securitytracker.com/id?1005926SECTRACK
dlink-airplus-restore-default(11074)https://exchange.xforce.ibmcloud.com/vulnerabilities/11074XF