Vulnerabilities > CVE-2015-7277 - Credentials Management vulnerability in Ampedwireless R10000 Firmware 2.5.2.11

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

ampedwireless

CWE-255

critical

NVD

Published: 2015-12-31

Updated: 2016-11-28

Summary

The web administration interface on Amped Wireless R10000 devices with firmware 2.5.2.11 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session.

Vulnerable Configurations

Part	Description	Count
OS	Ampedwireless Ampedwireless R10000 Firmware 2.5.2.11	1
Hardware	Ampedwireless Ampedwireless R10000 -	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://www.securityfocus.com/bid/78818
https://www.kb.cert.org/vuls/id/763576