Vulnerability Description
rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Mt882 V100T002B020 Arg-T | firmware_3.7.9.98 |
| Huawei | Mt882 Modem Firmware | 3.7.9.98 |
| Huawei | Mt882 Modem | v100r002b020_arg-t |
References
- http://www.exploit-db.com/exploits/10276Exploit
- http://www.securityfocus.com/bid/37194
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54528
- http://www.exploit-db.com/exploits/10276Exploit
- http://www.securityfocus.com/bid/37194
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54528
FAQ
What is CVE-2009-4197?
CVE-2009-4197 is a vulnerability with a CVSS score of 4.7 (MEDIUM). rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local u...
How severe is CVE-2009-4197?
CVE-2009-4197 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-4197?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mt882 V100T002B020 Arg-T, Huawei Mt882 Modem Firmware, Huawei Mt882 Modem.