CVE-2009-4197
Huawei MT882 Modem/Router - Multiple Vulnerabilities
Severity Score
4.7
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete.
rpwizPppoe.htm en Huawei MT882 V100R002B020 ARG-T ejecutando el firmware v3.7.9.98 contiene un formulario que no deshabilita la configuración de autocompletado para el parámetro "password", lo que facilita a un usuario local o a un atacante físicamente próximo obtener la contraseña desde navegadores web que soporten el autocompletado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-12-03 CVE Reserved
- 2009-12-03 First Exploit
- 2009-12-04 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/37194 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/54528 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/10276 | 2009-12-03 | |
| http://www.exploit-db.com/exploits/10276 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Mt882 Modem Firmware Search vendor "Huawei" for product "Mt882 Modem Firmware" | 3.7.9.98 Search vendor "Huawei" for product "Mt882 Modem Firmware" and version "3.7.9.98" | - |
Affected
| in | Huawei Search vendor "Huawei" | Mt882 Modem Search vendor "Huawei" for product "Mt882 Modem" | v100r002b020_arg-t Search vendor "Huawei" for product "Mt882 Modem" and version "v100r002b020_arg-t" | - |
Affected
|
| Huawei Search vendor "Huawei" | Mt882 V100t002b020 Arg-t Search vendor "Huawei" for product "Mt882 V100t002b020 Arg-t" | firmware_3.7.9.98 Search vendor "Huawei" for product "Mt882 V100t002b020 Arg-t" and version "firmware_3.7.9.98" | - |
Safe
| ||||||