The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and has (2) a default password of admin for the admin account in the telnet interface; which makes it easier for remote attackers to obtain access.
Max CVSS
10.0
EPSS Score
0.54%
Published
2009-07-01
Updated
2018-10-10
The Huawei D100 allows remote attackers to obtain sensitive information via a direct request to (1) lan_status_adv.asp, (2) wlan_basic_cfg.asp, or (3) lancfg.asp in en/, related to use of JavaScript to protect against reading file contents.
Max CVSS
7.8
EPSS Score
0.41%
Published
2009-07-01
Updated
2018-10-10
2 vulnerabilities found