CVE-2008-4540

CVE Database · CVE-2008-4540

CVE-2008-4540

· N/AModified

CVSS v3.1

N/A

EPSS

1.98%

Published

Oct 13, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion mechanism for the password input field, which allows physically proximate attackers to bypass password authentication and obtain WLAN access.

Weaknesses (CWE)

CWE-255

Affected Products (2)

htc · hermes

microsoft · windows_mobilevulnerable

References (6)

http://securityreason.com/securityalert/4402

http://www.securityfocus.com/archive/1/497151/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/45857

http://securityreason.com/securityalert/4402

http://www.securityfocus.com/archive/1/497151/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/45857

KEV Catalog EPSS Scores Vendors All CVEs