NotCVE - vendor:"D-link" product:"Dvg-n5402sp Firmware" version:"w1000cn-03"

3 results (0.007 seconds)

CVSS: 7.5EPSS: 95%CPEs: 4EXPL: 3

CVE-2015-7245 – D-Link DVGN5402SP - Multiple Vulnerabilities

https://notcve.org/view.php?id=CVE-2015-7245

Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. (dot dot) in the errorpage parameter. Vulnerabilidad de salto de directorio en DLink DVGN5402SP con firmware W1000CN00, W1000CN03 o W2000EN00 permite a atacantes remotos leer información sensible a través de un .. (punto punto) en el parámetro errorpage. D-Link DVG-N5402SP suffers from path traversal, weak credential management, and information leakage vulnerabilities. • https://www.exploit-db.com/exploits/39409 http://packetstormsecurity.com/files/135590/D-Link-DVG-N5402SP-Path-Traversal-Information-Disclosure.html http://seclists.org/fulldisclosure/2016/Feb/24 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 3

CVE-2015-7246 – D-Link DVGN5402SP - Multiple Vulnerabilities

https://notcve.org/view.php?id=CVE-2015-7246

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access. DLink DVGN5402SP con firmware W1000CN00, W1000CN03 o W2000EN00 tiene una contraseña predeterminada de root para la cuenta root y tw para la cuenta tw, lo que hace más fácil a atacantes remotos obtener acceso administrativo. D-Link DVG-N5402SP suffers from path traversal, weak credential management, and information leakage vulnerabilities. • https://www.exploit-db.com/exploits/39409 http://packetstormsecurity.com/files/135590/D-Link-DVG-N5402SP-Path-Traversal-Information-Disclosure.html http://seclists.org/fulldisclosure/2016/Feb/24 • CWE-798: Use of Hard-coded Credentials •

CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 3

CVE-2015-7247 – D-Link DVGN5402SP - Multiple Vulnerabilities

https://notcve.org/view.php?id=CVE-2015-7247

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information. DLink DVGN5402SP con firmware W1000CN00, W1000CN03 o W2000EN00 revela nombres de usuario, contraseñas, claves, valores y hashes de cuentas web (super y admin) en texto plano al ejecutar una copia de seguridad de configuración, lo que permite a atacantes remotos obtener información sensible. D-Link DVG-N5402SP suffers from path traversal, weak credential management, and information leakage vulnerabilities. • https://www.exploit-db.com/exploits/39409 http://packetstormsecurity.com/files/135590/D-Link-DVG-N5402SP-Path-Traversal-Information-Disclosure.html http://seclists.org/fulldisclosure/2016/Feb/24 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2015-7245 – D-Link DVG­N5402SP - Multiple Vulnerabilities

CVE-2015-7246 – D-Link DVG­N5402SP - Multiple Vulnerabilities

CVE-2015-7247 – D-Link DVG­N5402SP - Multiple Vulnerabilities

CVE-2015-7245 – D-Link DVGN5402SP - Multiple Vulnerabilities

CVE-2015-7246 – D-Link DVGN5402SP - Multiple Vulnerabilities

CVE-2015-7247 – D-Link DVGN5402SP - Multiple Vulnerabilities