Vulnerability Description
GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alloy | Gl-2422Ap-S | All versions |
| D-Link | Dwl-900Ap\+ | b1_2.1 |
| Eusso | Gl2422 Ap | All versions |
| Linksys | Wap11 | 2.2 |
| Wisecom | Gl2422Ap-0T | All versions |
References
- http://online.securityfocus.com/archive/1/298432ExploitVendor Advisory
- http://www.iss.net/security_center/static/10536.php
- http://www.securityfocus.com/bid/6100Exploit
- http://online.securityfocus.com/archive/1/298432ExploitVendor Advisory
- http://www.iss.net/security_center/static/10536.php
- http://www.securityfocus.com/bid/6100Exploit
FAQ
What is CVE-2002-2137?
CVE-2002-2137 is a vulnerability with a CVSS score of 5.0 (MEDIUM). GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-...
How severe is CVE-2002-2137?
CVE-2002-2137 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2137?
Check the references section above for vendor advisories and patch information. Affected products include: Alloy Gl-2422Ap-S, D-Link Dwl-900Ap\+, Eusso Gl2422 Ap, Linksys Wap11, Wisecom Gl2422Ap-0T.