Vulnerability Database

308,379

Total vulnerabilities in the database

CVE-2002-1810

D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information.

Published: Dec 31, 2002
Updated: Nov 9, 2025
CVE: CVE-2002-1810
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-306

Affected Software
References

Software	From	Fixed in
dlink / dwl-900ap+_firmware	2.1	2.1.x
dlink / dwl-900ap+_firmware	2.2	2.2.x

http://online.securityfocus.com/archive/1/296374
http://www.iss.net/security_center/static/10424.php
http://www.securityfocus.com/bid/6015

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo