Vulnerabilities > CVE-2013-7004 - Credentials Management vulnerability in Dlink products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
dlink
CWE-255
exploit available

Summary

D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.

Vulnerable Configurations

Part Description Count
OS
Dlink
64
Hardware
Dlink
8

Common Weakness Enumeration (CWE)

Exploit-Db

idEDB-ID:30061