TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Di-614+ | D-link | 2.0 (including) | 2.0 (including) |
Longshine_wireless_ethernet_access_point | Longshine_technologie | lcs-883r-ac-b (including) | lcs-883r-ac-b (including) |