CVE-2005-0112
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.
El interfaz administrativo basado en web de 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, y posiblemente versiones anteriores a 1.03.07A, permite a atacantes remotos saltarse la autenticaciĆ³n y obtener informaciĆ³n sensible accediendo directamente a las URLs de (1) config.bin, (2) profile.wlp=PN=ggg o (3) event.log.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2005-01-18 CVE Reserved
- 2005-01-22 CVE Published
- 2023-12-30 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/13942 | Third Party Advisory | |
| http://securitytracker.com/id?1012958 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18994 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/12322 | 2017-07-11 |
| URL | Date | SRC |
|---|---|---|
| http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities | 2017-07-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| 3com Search vendor "3com" | 3crwe454g72 Search vendor "3com" for product "3crwe454g72" | 1.0.2 Search vendor "3com" for product "3crwe454g72" and version "1.0.2" | - |
Affected
| ||||||
| 3com Search vendor "3com" | 3crwe454g72 Search vendor "3com" for product "3crwe454g72" | 1.0.2.11 Search vendor "3com" for product "3crwe454g72" and version "1.0.2.11" | - |
Affected
| ||||||
| 3com Search vendor "3com" | 3crwe454g72 Search vendor "3com" for product "3crwe454g72" | 1.0.3.5 Search vendor "3com" for product "3crwe454g72" and version "1.0.3.5" | - |
Affected
| ||||||