CVE-2015-0152

Опубликовано: 12 апр. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the administrative password.

Ссылки

ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-815/REVB/DIR-815_REVB_FIRMWARE_PATCH_NOTES_2.07.B01_EN.PDF
Release Notes
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/110585
Third Party Advisory
VDB Entry
ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-815/REVB/DIR-815_REVB_FIRMWARE_PATCH_NOTES_2.07.B01_EN.PDF
Release Notes
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/110585
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:dlink:dir-815_firmware:*:*:*:*:*:*:*:*

Версия до 2.07.b01 (исключая)

cpe:2.3:h:dlink:dir-815:-:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00482

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-6g45-r6rv-4qx7