Vulnerabilities > Mediabridge

DATE CVE VULNERABILITY TITLE RISK
2015-12-31 CVE-2015-5996 Cross-Site Request Forgery (CSRF) vulnerability in Mediabridge Medialink Mwn-Wapr300N Firmware 5.07.50
Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 allows remote attackers to hijack the authentication of arbitrary users.
network
low complexity
mediabridge CWE-352
8.8
2015-12-31 CVE-2015-5995 Permissions, Privileges, and Access Controls vulnerability in multiple products
Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 and Tenda N3 Wireless N150 devices allow remote attackers to obtain administrative access via a certain admin substring in an HTTP Cookie header.
network
low complexity
tenda mediabridge CWE-264
critical
9.8
2015-12-31 CVE-2015-5994 Credentials Management vulnerability in Mediabridge Medialink Mwn-Wapr300N Firmware 5.07.50
The web management interface on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 has a default password of admin for the admin account and a default password of password for the medialink account, which allows remote attackers to obtain administrative privileges by leveraging a Wi-Fi session.
low complexity
mediabridge CWE-255
6.8