Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-2901. PoCs published by INTRUDERS.
AI-analyzed exploit summary This advisory describes an information leakage vulnerability in D-Link DWL-2100ap where accessing a non-existent .cfg file in the /cgi-bin/ directory exposes the device's configuration, including sensitive data like passwords.
Description
The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords.
Exploits (1)
This advisory describes an information leakage vulnerability in D-Link DWL-2100ap where accessing a non-existent .cfg file in the /cgi-bin/ directory exposes the device's configuration, including sensitive data like passwords.