Vulnerabilities > CVE-2004-1596 - Information Disclosure and Authentication Bypass vulnerability in 3Com 3CRADSL72 ADSL Wireless Router

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
3com
exploit available
NVD
Published: 2004-10-13
Updated: 2017-07-11

Summary

The 3COM Wireless router 3CRADSL72 running Boot Code 1.3d allows remote attackers to gain sensitive information such as passwords and router settings via a direct HTTP request to app_sta.stm.

Vulnerable Configurations

Part Description Count
Hardware
3Com
1

Exploit-Db

description3Com 3CRADSL72 ADSL Wireless Router Information Disclosure and Authentication Bypass Vulnerabilities. CVE-2004-1596. Remote exploit for hardware platform
idEDB-ID:24681
last seen2016-02-02
modified2004-10-13
published2004-10-13
reporterKarb0nOxyde
sourcehttps://www.exploit-db.com/download/24681/
title3Com 3CRADSL72 ADSL Wireless Router Information Disclosure and Authentication Bypass Vulnerabilities

References