CVE-2002-2137

3 documents3 sources
Severity
5.0MEDIUM
EPSS
0.5%
top 34.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
D-link Dwl-900ap\+Linksys Wap11
Timeline
PublishedDec 31
Latest updateApr 30

Description

GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDlinksys/wap112.2
NVDd-link/dwl-900ap\+b1_2.1, b1_2.2+1

🔴Vulnerability Details

2
GHSA
GHSA-xf2v-frx2-q782: GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 22022-04-30
CVEList
CVE-2002-2137: GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 22005-11-16
CVE-2002-2137 (MEDIUM CVSS 5) | GlobalSunTech Wireless Access Point | cvebase.io