CVE-2009-2274 Information

Description

The Huawei D100 allows remote attackers to obtain sensitive information via a direct request to (1) lan_status_adv.asp (2) wlan_basic_cfg.asp or (3) lancfg.asp in en/ related to use of JavaScript to protect against reading file contents.

Reference

http://secunia.com/advisories/35638 http://www.securityfocus.com/archive/1/504645/100/0/threaded