Описание
D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 1.08b51 (включая)
Одновременно
Одно из
cpe:2.3:o:dlink:dsr-500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500_firmware:1.02b11:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500_firmware:1.02b25:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500_firmware:1.03b12:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500_firmware:1.03b23:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500_firmware:1.03b27:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500_firmware:1.03b36:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500_firmware:1.03b43:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500_firmware:1.04b58:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500_firmware:1.06b43:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500_firmware:1.06b53:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsr-500:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.05b48 (включая)
Одновременно
cpe:2.3:o:dlink:dsr-150n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsr-150n:-:*:*:*:*:*:*:*
Конфигурация 3Версия до 1.08b39 (включая)
Одновременно
Одно из
cpe:2.3:o:dlink:dsr-250n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-250n_firmware:1.01b46:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-250n_firmware:1.01b56:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-250n_firmware:1.05b20:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-250n_firmware:1.05b53:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-250n_firmware:1.08b31:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsr-250n:-:*:*:*:*:*:*:*
Конфигурация 4Версия до 1.08b29 (включая)
Одновременно
Одно из
cpe:2.3:o:dlink:dsr-150_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-150_firmware:1.05b29:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-150_firmware:1.05b35:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-150_firmware:1.05b46:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-150_firmware:1.05b50:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsr-150:-:*:*:*:*:*:*:*
Конфигурация 5Версия до 1.08b51 (включая)
Одновременно
Одно из
cpe:2.3:o:dlink:dsr-500n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500n_firmware:1.02b11:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500n_firmware:1.02b25:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500n_firmware:1.03b12:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500n_firmware:1.03b23:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500n_firmware:1.03b27:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500n_firmware:1.03b36:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500n_firmware:1.03b43:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500n_firmware:1.04b58:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500n_firmware:1.06b43:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-500n_firmware:1.06b53:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsr-500n:-:*:*:*:*:*:*:*
Конфигурация 6Версия до 1.08b51 (включая)
Одновременно
Одно из
cpe:2.3:o:dlink:dsr-1000n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.01b50:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.02b11:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.02b25:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.03b12:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.03b23:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.03b27:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.03b36:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.03b43:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.04b58:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.06b43:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000n_firmware:1.06b53:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsr-1000n:-:*:*:*:*:*:*:*
Конфигурация 7Версия до 1.08b39 (включая)
Одновременно
Одно из
cpe:2.3:o:dlink:dsr-250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-250_firmware:1.01b46:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-250_firmware:1.01b56:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-250_firmware:1.05b20:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-250_firmware:1.05b53:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-250_firmware:1.08b31:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsr-250:-:*:*:*:*:*:*:*
Конфигурация 8Версия до 1.08b51 (включая)
Одновременно
Одно из
cpe:2.3:o:dlink:dsr-1000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.01b50:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.02b11:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.02b25:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.03b12:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.03b23:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.03b27:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.03b36:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.03b43:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.04b58:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.06b43:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsr-1000_firmware:1.06b53:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsr-1000:-:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00333
Низкий
7.8 High
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
больше 3 лет назад
D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
fstec
больше 12 лет назад
Уязвимость микропрограммного обеспечения маршрутизатора D–Link DSR–500, позволяющая злоумышленнику получить права администратора
EPSS
Процентиль: 56%
0.00333
Низкий
7.8 High
CVSS2
Дефекты
CWE-255