D-Link Dvg-N5402Sp Firmware vulnerabilities
3 known vulnerabilities affecting d-link/dvg-n5402sp_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2015-7246CRITICALCVSS 9.8PoCvw1000cn-00vw1000cn-03+1 more2017-04-24
CVE-2015-7246 [CRITICAL] CWE-798 CVE-2015-7246: D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of roo
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access.
nvd
CVE-2015-7247CRITICALCVSS 9.8PoCvw1000cn-00vw1000cn-03+1 more2017-04-24
CVE-2015-7247 [CRITICAL] CWE-200 CVE-2015-7247: D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, password
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information.
nvd
CVE-2015-7245HIGHCVSS 7.5PoCvw1000cn-00vw1000cn-03+1 more2017-04-24
CVE-2015-7245 [HIGH] CWE-22 CVE-2015-7245: Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W20
Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. (dot dot) in the errorpage parameter.
nvd