Information leak in Compaq WL310, and the Orinoco Residential Gateway access point it is based on, uses a system identification string as a default SNMP read/write community string, which allows remote attackers to obtain and modify sensitive configuration information by querying for the identification string.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hpe | compaq_wl310_firmware | - |
| proxim | orinoco_rg-1000_firmware | - |
| proxim | orinoco_rg-1100_firmware | - |
Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of "12345", which allows remote attackers to bypass authentication.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| avaya | wireless_ap-5 | 2.5.4 |
| avaya | wireless_ap-7 | 2.5 |
| proxim | ap-700 | 3.0 |
| proxim | ap-600 | 2.5.4 |
| avaya | wireless_ap-6 | 2.5.4 |
| avaya | wireless_ap-5 | 2.5 |
| avaya | wireless_ap-8 | 2.5 |
| avaya | wireless_ap-4 | 2.5 |
| proxim | ap-4000 | 3.0 |
| proxim | ap-700 | 2.4.12 |
| avaya | wireless_ap-6 | 2.5 |
| proxim | ap-4000 | 2.4.12 |
| avaya | wireless_ap-4 | 2.5.4 |
| proxim | ap-2000 | 2.5.4 |
| avaya | wireless_ap-3 | 2.5.4 |
| avaya | wireless_ap-3 | 2.5 |