CVE-2012-2974

SMC SMC8024L2 - Auth Bypass

Title source: llm

Description

The web interface on the SMC SMC8024L2 switch allows remote attackers to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) rstp/, (8) dot1x/, (9) security/, (10) igmps/, or (11) snmp/.

References (2)

[US Government Resource] http://www.kb.cert.org/vuls/id/377915

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1027285

Scores

EPSS 0.0043

EPSS Percentile 62.1%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

smc/smc8024l2_switch

Timeline

Published Jul 19, 2012

Tracked Since Feb 18, 2026