CVE-2009-4197
Published Dec 4, 2009
Last updated 7 years ago
Overview
- Description
- rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.7
- Impact score
- 6.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mt882_v100t002b020_arg-t:firmware_3.7.9.98:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FE8845ED-BEA2-42C7-BC6E-7F7783055484"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:mt882_modem_firmware:3.7.9.98:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76CBDC9C-9CC2-4B7E-AA28-6160E16222C2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mt882_modem:v100r002b020_arg-t:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "441C9425-A051-429F-A9CF-C63DC7A3C063"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]