Authentication Bypass and Information Disclosure in 3Com OfficeConnect Wireless 11g Access Point

Authentication Bypass and Information Disclosure in 3Com OfficeConnect Wireless 11g Access Point

CVE-2005-0112 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.

Learn more about our Cis Benchmark Audit For Microsoft Office.