ID
VAR-200211-0077
TITLE
Multi-vendor wireless access point remote information disclosure vulnerability
Trust: 0.6
DESCRIPTION
GlobalSunTech develops a variety of OEM wireless access point devices such as Linksys, D-Link, and other products. A variety of wireless access point devices developed by GlobalSunTech have incorrectly processed some broadcast requests. Remote attackers can use this vulnerability to obtain sensitive information contained in the device, including administrator passwords. An attacker can send a broadcast packet containing the "gstsearch" string to the UDP port 27155 of the wireless access point device, which can cause the device to return sensitive information including WEB keys, MAC filtering, and administrator passwords. Attackers can use this information to further attack and control the device.
Trust: 0.6
IOT TAXONOMY
category: | ['IoT'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
vendor: | none | model: | - | scope: | - | version: | - | Trust: 0.6 |
EXTERNAL IDS
db: | CNVD | id: | CNVD-2002-3979 | Trust: 0.6 |
SOURCES
db: | CNVD | id: | CNVD-2002-3979 |
LAST UPDATE DATE
2022-05-04T09:49:31.936000+00:00
SOURCES UPDATE DATE
db: | CNVD | id: | CNVD-2002-3979 | date: | 2002-11-06T00:00:00 |
SOURCES RELEASE DATE
db: | CNVD | id: | CNVD-2002-3979 | date: | 2002-11-03T00:00:00 |