cbcvebase.
CVE-2009-4197
published 2009-12-04

CVE-2009-4197: rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password…

PriorityP419medium4.7CVSS 2.0
AVLACMAuNCCINAN
EXPLOIT
EPSS
0.47%
37.0th percentile
rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete.

Affected

2 ranges
VendorProductVersion rangeFixed in
huaweimt882_modem
huaweimt882_modem_firmware
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.