VYPR
High severity7.5NVD Advisory· Published Jul 1, 2009· Updated Jun 16, 2026

CVE-2009-2272

CVE-2009-2272

Description

The Huawei D100 stores the administrator's account name and password in cleartext in a cookie, which allows context-dependent attackers to obtain sensitive information by (1) reading a cookie file, by (2) sniffing the network for HTTP headers, and possibly by using unspecified other vectors.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.