Vulnerability Details CVE-2005-0112
The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/13942
- http://securitytracker.com/id?1012958
- http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities
- http://www.securityfocus.com/bid/12322
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18994
- http://secunia.com/advisories/13942
- http://securitytracker.com/id?1012958
- http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities
- http://www.securityfocus.com/bid/12322
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18994
Products affected by CVE-2005-0112
-
cpe:2.3:h:3com:3crwe454g72:1.0.2
-
cpe:2.3:h:3com:3crwe454g72:1.0.2.11
-
cpe:2.3:h:3com:3crwe454g72:1.0.3.5