- Description
- GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:alloy:gl-2422ap-s:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E479E2A2-E665-407C-90B2-98ED2519C278"
},
{
"criteria": "cpe:2.3:h:d-link:dwl-900ap\\+:b1_2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9B57384-28F5-4E46-8C91-0763F3AF00C0"
},
{
"criteria": "cpe:2.3:h:d-link:dwl-900ap\\+:b1_2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7F88095-C09D-4B32-9C19-AFCA56D25264"
},
{
"criteria": "cpe:2.3:h:eusso:gl2422_ap:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5AE7C2B-3E13-4190-8B23-869CA545F4F3"
},
{
"criteria": "cpe:2.3:h:linksys:wap11:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51EC19D0-E959-4F22-BB40-AADF37A672F8"
},
{
"criteria": "cpe:2.3:h:wisecom:gl2422ap-0t:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74AB2249-644D-404B-84D9-726344639BD0"
}
],
"operator": "OR"
}
]
}
]