Dlink: >> Dwr-932b Firmware >> 02.02eu Security Vulnerabilities
An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234.
CVSS Score
9.8
EPSS Score
0.201
Published
2017-01-30
An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/sh" command.
CVSS Score
9.8
EPSS Score
0.222
Published
2017-01-30
An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607.
CVSS Score
7.5
EPSS Score
0.12
Published
2017-01-30
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding.
CVSS Score
7.5
EPSS Score
0.109
Published
2017-01-30
An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for CfgType=get_homeCfg requests.
CVSS Score
7.5
EPSS Score
0.121
Published
2017-01-30
An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with ` characters.
CVSS Score
9.8
EPSS Score
0.493
Published
2017-01-30
An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal.
CVSS Score
7.5
EPSS Score
0.288
Published
2017-01-30
An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal.
CVSS Score
7.5
EPSS Score
0.288
Published
2017-01-30
An issue was discovered on the D-Link DWR-932B router. A secure_mode=no line exists in /var/miniupnpd.conf.
CVSS Score
7.5
EPSS Score
0.09
Published
2017-01-30
An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules.
CVSS Score
7.5
EPSS Score
0.09
Published
2017-01-30
Page 1