Dlink: >> Dir-825 Rev.b Firmware Security Vulnerabilities
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. The "user" account has a blank password.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-02-25
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is an information disclosure vulnerability via requests for the router_info.xml document. This will reveal the PIN code, MAC address, routing table, firmware version, update time, QOS information, LAN information, and WLAN information of the device.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-02-25
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the ntp_server parameter in an ntp_sync.cgi POST request.
CVSS Score
8.8
EPSS Score
0.096
Published
2019-02-25