Описание
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:d-link:dvg-n5402sp_firmware:w1000cn-00:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dvg-n5402sp_firmware:w1000cn-03:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dvg-n5402sp_firmware:w2000en-00:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dvg-n5402sp:-:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.3094
Средний
9.8 Critical
CVSS3
7.8 High
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information.
EPSS
Процентиль: 97%
0.3094
Средний
9.8 Critical
CVSS3
7.8 High
CVSS2
Дефекты
CWE-200