{"api_version":"1","generated_at":"2026-04-23T02:58:26+00:00","cve":"CVE-2005-0112","urls":{"html":"https://cve.report/CVE-2005-0112","api":"https://cve.report/api/cve/CVE-2005-0112.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-0112","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-0112"},"summary":{"title":"CVE-2005-0112","description":"The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-04-14 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18994","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18994","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/12322","name":"http://www.securityfocus.com/bid/12322","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"3Com OfficeConnect Wireless 11g Access Point 3CRWE454G72 Information Disclosure Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities","name":"http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Accenture | Let there be change","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://securitytracker.com/id?1012958","name":"http://securitytracker.com/id?1012958","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - 3Com OfficeConnect Wireless 11g Access Point Discloses Passwords and Keys to Remote Users","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/13942","name":"http://secunia.com/advisories/13942","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - OfficeConnect Wireless 11g Access Point Information Disclosure","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-0112","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0112","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"3com","cpe5":"3crwe454g72","cpe6":"1.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"3com","cpe5":"3crwe454g72","cpe6":"1.0.2.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"3com","cpe5":"3crwe454g72","cpe6":"1.0.3.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T21:05:23.966Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"3com-officeconnect-information-disclosure(18994)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18994"},{"name":"12322","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/12322"},{"name":"20050120 3Com OfficeConnect Wireless 11g AP Information Disclosure Vulnerability","tags":["third-party-advisory","x_refsource_IDEFENSE","x_transferred"],"url":"http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities"},{"name":"1012958","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1012958"},{"name":"13942","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/13942"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-01-20T00:00:00.000Z","descriptions":[{"lang":"en","value":"The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-10T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"3com-officeconnect-information-disclosure(18994)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18994"},{"name":"12322","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/12322"},{"name":"20050120 3Com OfficeConnect Wireless 11g AP Information Disclosure Vulnerability","tags":["third-party-advisory","x_refsource_IDEFENSE"],"url":"http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities"},{"name":"1012958","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1012958"},{"name":"13942","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/13942"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-0112","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"3com-officeconnect-information-disclosure(18994)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18994"},{"name":"12322","refsource":"BID","url":"http://www.securityfocus.com/bid/12322"},{"name":"20050120 3Com OfficeConnect Wireless 11g AP Information Disclosure Vulnerability","refsource":"IDEFENSE","url":"http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities"},{"name":"1012958","refsource":"SECTRACK","url":"http://securitytracker.com/id?1012958"},{"name":"13942","refsource":"SECUNIA","url":"http://secunia.com/advisories/13942"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-0112","datePublished":"2005-01-22T05:00:00.000Z","dateReserved":"2005-01-18T00:00:00.000Z","dateUpdated":"2024-08-07T21:05:23.966Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-04-14 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:3com:3crwe454g72:1.0.2:*:*:*:*:*:*:*","matchCriteriaId":"D20F01F7-4C74-4BD2-891F-B5F1204F3910"},{"vulnerable":true,"criteria":"cpe:2.3:h:3com:3crwe454g72:1.0.2.11:*:*:*:*:*:*:*","matchCriteriaId":"4C47944D-A4CC-4F65-9468-3252A786EB2F"},{"vulnerable":true,"criteria":"cpe:2.3:h:3com:3crwe454g72:1.0.3.5:*:*:*:*:*:*:*","matchCriteriaId":"F5A26FA1-D651-4673-BBE3-60B94F39619A"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"112","Ordinal":"1","Title":"CVE-2005-0112","CVE":"CVE-2005-0112","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"112","Ordinal":"1","NoteData":"The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.","Type":"Description","Title":"CVE-2005-0112"},{"CveYear":"2005","CveId":"112","Ordinal":"2","NoteData":"2005-01-22","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"112","Ordinal":"3","NoteData":"2017-07-10","Type":"Other","Title":"Modified"}]}}}