CVE-2002-2137 - Vulnerability Details - OpenCVE

GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Alloy	Gl-2422ap-s
D-link	Dwl-900ap\+
Eusso	Gl2422 Ap
Linksys	Wap11
Wisecom	Gl2422ap-0t

Configuration 1 [-]

OR	cpe:2.3:h:alloy:gl-2422ap-s::::::::
	cpe:2.3:h:d-link:dwl-900ap\+:b1_2.1:::::::*
	cpe:2.3:h:d-link:dwl-900ap\+:b1_2.2:::::::*
	cpe:2.3:h:eusso:gl2422_ap::::::::
	cpe:2.3:h:linksys:wap11:2.2:::::::*
	cpe:2.3:h:wisecom:gl2422ap-0t::::::::

No data.

References

Link	Providers
http://online.securityfocus.com/archive/1/298432
http://www.iss.net/security_center/static/10536.php
http://www.securityfocus.com/bid/6100

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-11-16T21:17:00Z

Updated: 2024-09-17T01:10:53.840Z

Reserved: 2005-11-16T00:00:00Z

Link: CVE-2002-2137

Vulnrichment

No data.

NVD

Status : Modified

Published: 2002-12-31T05:00:00.000

Modified: 2024-11-20T23:42:57.740

Link: CVE-2002-2137

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a \"getsearch\" request to UDP port 27155."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-11-16T21:17:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "6100", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/6100"}, {"name": "ieee80211b-ap-information-disclosure(10536)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/10536.php"}, {"name": "20021103 Accesspoints disclose wep keys, password and mac filter (fwd)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://online.securityfocus.com/archive/1/298432"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-2137", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a \"getsearch\" request to UDP port 27155."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "6100", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6100"}, {"name": "ieee80211b-ap-information-disclosure(10536)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/10536.php"}, {"name": "20021103 Accesspoints disclose wep keys, password and mac filter (fwd)", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/298432"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T03:51:17.518Z"}, "title": "CVE Program Container", "references": [{"name": "6100", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/6100"}, {"name": "ieee80211b-ap-information-disclosure(10536)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/10536.php"}, {"name": "20021103 Accesspoints disclose wep keys, password and mac filter (fwd)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://online.securityfocus.com/archive/1/298432"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-2137", "datePublished": "2005-11-16T21:17:00Z", "dateReserved": "2005-11-16T00:00:00Z", "dateUpdated": "2024-09-17T01:10:53.840Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:alloy:gl-2422ap-s:*:*:*:*:*:*:*:*", "matchCriteriaId": "E479E2A2-E665-407C-90B2-98ED2519C278", "vulnerable": true}, {"criteria": "cpe:2.3:h:d-link:dwl-900ap\\+:b1_2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9B57384-28F5-4E46-8C91-0763F3AF00C0", "vulnerable": true}, {"criteria": "cpe:2.3:h:d-link:dwl-900ap\\+:b1_2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D7F88095-C09D-4B32-9C19-AFCA56D25264", "vulnerable": true}, {"criteria": "cpe:2.3:h:eusso:gl2422_ap:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5AE7C2B-3E13-4190-8B23-869CA545F4F3", "vulnerable": true}, {"criteria": "cpe:2.3:h:linksys:wap11:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "51EC19D0-E959-4F22-BB40-AADF37A672F8", "vulnerable": true}, {"criteria": "cpe:2.3:h:wisecom:gl2422ap-0t:*:*:*:*:*:*:*:*", "matchCriteriaId": "74AB2249-644D-404B-84D9-726344639BD0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a \"getsearch\" request to UDP port 27155."}], "id": "CVE-2002-2137", "lastModified": "2024-11-20T23:42:57.740", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://online.securityfocus.com/archive/1/298432"}, {"source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/10536.php"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/6100"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://online.securityfocus.com/archive/1/298432"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/10536.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/6100"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}