CVE-2004-1596

3COM Wireless router <3CRADSL72 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1596. PoCs published by Karb0nOxyde.

AI-analyzed exploit summary The provided text describes an information disclosure and authentication bypass vulnerability in 3Com 3CRADSL72 routers. It mentions that accessing a specific URL can disclose sensitive information and potentially grant administrative access.

Description

The 3COM Wireless router 3CRADSL72 running Boot Code 1.3d allows remote attackers to gain sensitive information such as passwords and router settings via a direct HTTP request to app_sta.stm.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Karb0nOxyde · textremotehardware
https://www.exploit-db.com/exploits/24681

The provided text describes an information disclosure and authentication bypass vulnerability in 3Com 3CRADSL72 routers. It mentions that accessing a specific URL can disclose sensitive information and potentially grant administrative access.

Classification
Writeup 90%
Attack Type
Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: 3Com 3CRADSL72
No auth needed
Prerequisites: Network access to the vulnerable router
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17723
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109810854031673&w=2
Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/11408
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109778914829901&w=2
Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/378551

Scores

EPSS 0.0261
EPSS Percentile 83.5%

Details

Status published
Products (1)
3com/3cradsl72
Published Oct 13, 2004
Tracked Since Feb 18, 2026