Vulnerabilities > D Link > DVG N5402Sp Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-24 | CVE-2015-7247 | Information Exposure vulnerability in D-Link Dvg-N5402Sp Firmware W1000Cn00/W1000Cn03/W2000En00 D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information. | 9.8 |
2017-04-24 | CVE-2015-7246 | Use of Hard-coded Credentials vulnerability in D-Link Dvg-N5402Sp Firmware W1000Cn00/W1000Cn03/W2000En00 D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access. | 9.8 |
2017-04-24 | CVE-2015-7245 | Path Traversal vulnerability in D-Link Dvg-N5402Sp Firmware W1000Cn00/W1000Cn03/W2000En00 Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. | 7.5 |