Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-0112

The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.

Published

2005-04-14T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Hardware	3com	3crwe454g72	1.0.2	Yes
Hardware	3com	3crwe454g72	1.0.2.11	Yes
Hardware	3com	3crwe454g72	1.0.3.5	Yes

References

http://secunia.com/advisories/13942 ([email protected])
http://securitytracker.com/id?1012958 ([email protected])
http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/12322 Patch, Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/18994 ([email protected])
http://secunia.com/advisories/13942 (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1012958 (af854a3a-2127-422b-91ae-364da2661108)
http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/12322 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18994 (af854a3a-2127-422b-91ae-364da2661108)