CVE-2006-2901

D-Link DWL-2100ap <2.10na - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2901. PoCs published by INTRUDERS.

AI-analyzed exploit summary This advisory describes an information leakage vulnerability in D-Link DWL-2100ap where accessing a non-existent .cfg file in the /cgi-bin/ directory exposes the device's configuration, including sensitive data like passwords.

Description

The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords.

Exploits (1)

exploitdb WRITEUP VERIFIED
by INTRUDERS · textremotehardware
https://www.exploit-db.com/exploits/1889

This advisory describes an information leakage vulnerability in D-Link DWL-2100ap where accessing a non-existent .cfg file in the /cgi-bin/ directory exposes the device's configuration, including sensitive data like passwords.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: D-Link DWL-2100ap
No auth needed
Prerequisites: Network access to the vulnerable device
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/489009/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/436281/100/0/threaded
Exploit, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20474
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/18299
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016234
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26973
Patch, Vendor Advisory x_refsource_misc
http://www.intruders.com.br/adv0206en.html
Various Sources x_refsource_misc
http://www.intruders.org.br/adv0206en.html
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/1064
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2186

Scores

EPSS 0.0905
EPSS Percentile 94.7%

Details

Status published
Products (1)
d-link/dwl-2100ap < 2.10na
Published Jun 07, 2006
Tracked Since Feb 18, 2026