Vulnerability Description
TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| D-Link | Di-614\+ | 2.0 |
| Longshine Technologie | Longshine Wireless Ethernet Access Point | lcs-883r-ac-b |
References
- http://www.iss.net/security_center/static/10997.php
- http://www.securityfocus.com/archive/1/305344Exploit
- http://www.securityfocus.com/archive/1/305391Exploit
- http://www.securityfocus.com/bid/6533
- http://www.securitytracker.com/id?1005897
- http://www.iss.net/security_center/static/10997.php
- http://www.securityfocus.com/archive/1/305344Exploit
- http://www.securityfocus.com/archive/1/305391Exploit
- http://www.securityfocus.com/bid/6533
- http://www.securitytracker.com/id?1005897
FAQ
What is CVE-2003-1264?
CVE-2003-1264 is a vulnerability with a CVSS score of 5.0 (MEDIUM). TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges b...
How severe is CVE-2003-1264?
CVE-2003-1264 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1264?
Check the references section above for vendor advisories and patch information. Affected products include: D-Link Di-614\+, Longshine Technologie Longshine Wireless Ethernet Access Point.