CVE-2009-4197

EUVD-2009-4167
rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.7 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
Affected Products (NVD)
VendorProductVersion
huaweimt882_modem_firmware
3.7.9.98
𝑥
= Vulnerable software versions
References
http://www.exploit-db.com/exploits/10276
http://www.securityfocus.com/bid/37194
https://exchange.xforce.ibmcloud.com/vulnerabilities/54528
http://www.exploit-db.com/exploits/10276
http://www.securityfocus.com/bid/37194
https://exchange.xforce.ibmcloud.com/vulnerabilities/54528