VULHUB ™

The Longshine LCS-883R-AC-B device will allow tftp connections. An attacker can exploit this vulnerability to connect via tftp to the access point and download the configuration file without any authentication. The configuration file contains sensitive information including the administrator password and WEP keys. ** The D-Link DI-614+ product, reportedly based on the Longshine device, appears to be vulnerable to this issue however, only some files were accessible.

The Longshine LCS-883R-AC-B device will allow tftp connections. An attacker can exploit this vulnerability to connect via tftp to the access point and download the configuration file without any authentication. The configuration file contains sensitive information including the administrator password and WEP keys. ** The D-Link DI-614+ product, reportedly based on the Longshine device, appears to be vulnerable to this issue however, only some files were accessible.