The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an optional virtual server, configures this server to accept all source IP addresses on the external (Internet) interface unless the user selects other options, which might expose the router to unintended incoming traffic from remote attackers, as demonstrated by setting up a virtual server on port 80, which allows remote attackers to access the web management interface.
oryginał ENAV:N/AC:L/Au:N/C:C/I:C/A:C3com 3crwe554g72t
HW3Com3crwer100-75
Powiązane podatności
The 3Com 3CRWER100-75 router with 1.2.10ww software, when remote management is disabled but a web server has b...
The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers w...
The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers...
Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows ...
TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) characte...