CVE-2012-2974
SMC SMC8024L2 Switch - Unauthenticated Authentication Bypass via Direct HTML File Access
Title source: llmDescription
The web interface on the SMC SMC8024L2 switch allows remote attackers to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) rstp/, (8) dot1x/, (9) security/, (10) igmps/, or (11) snmp/.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027285
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/377915
Scores
EPSS
0.0262
EPSS Percentile
83.6%
Details
CWE
CWE-287
Status
published
Products (1)
smc/smc8024l2_switch
Published
Jul 19, 2012
Tracked Since
Feb 18, 2026