Vulnerabilities > CVE-2015-5994 - Credentials Management vulnerability in Mediabridge Medialink Mwn-Wapr300N Firmware 5.07.50

CVSS 7.9 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

mediabridge

CWE-255

NVD

Published: 2015-12-31

Updated: 2015-12-31

Summary

The web management interface on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 has a default password of admin for the admin account and a default password of password for the medialink account, which allows remote attackers to obtain administrative privileges by leveraging a Wi-Fi session.

Vulnerable Configurations

Part	Description	Count
OS	Mediabridge Mediabridge Medialink MWN Wapr300N Firmware 5.07.50	1
Hardware	Mediabridge Mediabridge Medialink MWN Wapr300N *	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

https://www.kb.cert.org/vuls/id/630872