{"api_version":"1","generated_at":"2026-05-03T20:21:07+00:00","cve":"CVE-2004-2455","urls":{"html":"https://cve.report/CVE-2004-2455","api":"https://cve.report/api/cve/CVE-2004-2455.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2004-2455","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2004-2455"},"summary":{"title":"CVE-2004-2455","description":"Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file.","state":"PUBLISHED","assigner":"mitre","published_at":"2004-12-31 05:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://secunia.com/advisories/11603","name":"http://secunia.com/advisories/11603","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Sweex Wireless Broadband Router Exposure of Configuration","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/10339","name":"http://www.securityfocus.com/bid/10339","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Sweex Wireless Broadband Router/Access Point Unauthorized Access Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.osvdb.org/6109","name":"http://www.osvdb.org/6109","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16140","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16140","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html","name":"http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Neohapsis Archives - Full Disclosure List - #0574 - [Full-Disclosure] Sweex 802.11g router/accesspoint config disclosure / remote config","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.securitytracker.com/alerts/2004/May/1010143.html","name":"http://www.securitytracker.com/alerts/2004/May/1010143.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - Sweex Wireless Broadband Router Disclosed Administrative Password to Remote Users","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2004-2455","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2004-2455","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2004","cve_id":"2455","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"sweex","cpe5":"wireless_broadband_router_accesspoint_802.11g","cpe6":"lc000060","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T01:29:13.619Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"10339","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/10339"},{"name":"6109","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/6109"},{"name":"sweex-router-obtain-information(16140)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"},{"name":"11603","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/11603"},{"name":"1010143","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/alerts/2004/May/1010143.html"},{"name":"20040512 Sweex 802.11g router/accesspoint config disclosure / remote config","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2004-05-12T00:00:00.000Z","descriptions":[{"lang":"en","value":"Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-10T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"10339","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/10339"},{"name":"6109","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/6109"},{"name":"sweex-router-obtain-information(16140)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"},{"name":"11603","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/11603"},{"name":"1010143","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/alerts/2004/May/1010143.html"},{"name":"20040512 Sweex 802.11g router/accesspoint config disclosure / remote config","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2004-2455","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"10339","refsource":"BID","url":"http://www.securityfocus.com/bid/10339"},{"name":"6109","refsource":"OSVDB","url":"http://www.osvdb.org/6109"},{"name":"sweex-router-obtain-information(16140)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"},{"name":"11603","refsource":"SECUNIA","url":"http://secunia.com/advisories/11603"},{"name":"1010143","refsource":"SECTRACK","url":"http://www.securitytracker.com/alerts/2004/May/1010143.html"},{"name":"20040512 Sweex 802.11g router/accesspoint config disclosure / remote config","refsource":"FULLDISC","url":"http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2004-2455","datePublished":"2005-08-20T04:00:00.000Z","dateReserved":"2005-08-20T00:00:00.000Z","dateUpdated":"2024-08-08T01:29:13.619Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2004-12-31 05:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:sweex:wireless_broadband_router_accesspoint_802.11g:lc000060:*:*:*:*:*:*:*","matchCriteriaId":"5160B3B9-7022-48D8-825A-B999D4821737"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2004","CveId":"2455","Ordinal":"1","Title":"CVE-2004-2455","CVE":"CVE-2004-2455","Year":"2004"},"notes":[{"CveYear":"2004","CveId":"2455","Ordinal":"1","NoteData":"Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file.","Type":"Description","Title":"CVE-2004-2455"},{"CveYear":"2004","CveId":"2455","Ordinal":"2","NoteData":"2005-08-20","Type":"Other","Title":"Published"},{"CveYear":"2004","CveId":"2455","Ordinal":"3","NoteData":"2017-07-10","Type":"Other","Title":"Modified"}]}}}