Vulnerability Details CVE-2016-10125
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.4%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.8
References
Products affected by CVE-2016-10125
-
cpe:2.3:h:dlink:dgs-1100-05:-
-
cpe:2.3:h:dlink:dgs-1100-05pd:-
-
cpe:2.3:h:dlink:dgs-1100-08:-
-
cpe:2.3:h:dlink:dgs-1100-08p:-
-
cpe:2.3:h:dlink:dgs-1100-10mp:-
-
cpe:2.3:h:dlink:dgs-1100-10mpp:-
-
cpe:2.3:h:dlink:dgs-1100-16:-
-
cpe:2.3:h:dlink:dgs-1100-18:-
-
cpe:2.3:h:dlink:dgs-1100-24:-
-
cpe:2.3:h:dlink:dgs-1100-24p:-
-
cpe:2.3:h:dlink:dgs-1100-26:-
-
cpe:2.3:h:dlink:dgs-1100-26mp:-
-
cpe:2.3:o:dlink:dgs-1100_firmware:1.01.018