Red-M: >> 1050ap Lan Acess Point Security Vulnerabilities
Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password.
CVSS Score
10.0
EPSS Score
0.032
Published
2002-07-26
Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords.
CVSS Score
10.0
EPSS Score
0.005
Published
2002-07-26
The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods.
CVSS Score
10.0
EPSS Score
0.012
Published
2002-07-26
The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session.
CVSS Score
7.5
EPSS Score
0.005
Published
2002-07-26
Red-M 1050 (Bluetooth Access Point) publicizes its name, IP address, and other information in UDP packets to a broadcast address, which allows any system on the network to obtain potentially sensitive information about the Access Point device by monitoring UDP port 8887.
CVSS Score
5.0
EPSS Score
0.004
Published
2002-07-26
Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name.
CVSS Score
10.0
EPSS Score
0.008
Published
2002-07-26