Vulnerabilities > D Link > DVG N5402Sp Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2015-7246 Use of Hard-coded Credentials vulnerability in D-Link Dvg-N5402Sp Firmware W1000Cn00/W1000Cn03/W2000En00
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access.
network
low complexity
d-link CWE-798
critical
9.8
2017-04-24 CVE-2015-7247 Information Exposure vulnerability in D-Link Dvg-N5402Sp Firmware W1000Cn00/W1000Cn03/W2000En00
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information.
network
low complexity
d-link CWE-200
critical
9.8