| Vulnerability Name: | CVE-2007-5420 (CCN-38114) | ||||||||
| Assigned: | 2007-10-10 | ||||||||
| Published: | 2007-10-10 | ||||||||
| Updated: | 2018-10-15 | ||||||||
| Summary: | The 3Com 3CRWER100-75 router with 1.2.10ww software, when remote management is disabled but a web server has been configured, serves a web page to external clients, which might allow remote attackers to obtain information about the router's existence and product details. | ||||||||
| CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.1 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)
2.1 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:U/RL:U/RC:UR)
| ||||||||
| Vulnerability Type: | CWE-16 CWE-200 | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Wed Oct 10 2007 - 09:14:01 CDT 3Com WIFI router remote administration vulnerability Source: MITRE Type: CNA CVE-2007-5420 Source: OSVDB Type: UNKNOWN 45490 Source: SREASON Type: UNKNOWN 3217 Source: CCN Type: 3Com Corporation Web site 3Com OfficeConnect Wireless 54 Mbps 11g Cable/DSL Router (3CRWER100-75) Source: CCN Type: OSVDB ID: 45490 3Com 3CRWER100-75 Router Persistent Web Page Product Information Disclosure Source: BUGTRAQ Type: UNKNOWN 20071010 3Com WIFI router remote administration vulnerability. Source: BID Type: UNKNOWN 26009 Source: CCN Type: BID-26009 3Com OfficeConnect Wireless Cable/DSL Router Unauthorized Remote Administration Vulnerability Source: XF Type: UNKNOWN 3com-3crwer10075-information-disclosure(38114) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||