D-Link DWL-1000AP Wireless LAN Access Point Public Community String Vulnerability
D-Link DWL-1000AP is a 11Mbps wireless LAN access point product, which is geared towards home users. It supports WEP, MAC address control and user authentication.
A default read-only SNMP community string entitled "public" exists on the device. This community string is hard-coded into the product and cannot be changed with the configuration interface.
As a result, an attacker may use a SNMP client to browse sensitive information contained in the "public" MIB.
The issue is further complicated by BugTraq ID 3735, "D-Link DWL-1000AP Wireless LAN Access Point Plaintext Password Vulnerability".
This issue has been confirmed with the 3.2.28 #483 (Aug 23
2001) firmware. Other versions of the firmware may also be affected.