D-Link DSP-W215 Information Disclosure Vulnerability (CNVD-2020-33174)

The D-Link DSP-W215 is a smart plug product from Taiwan, China-based AUO D-Link. A security vulnerability exists in D-Link DSP-W215 version 1.26b03. An attacker can exploit the vulnerability to cause information disclosure...

D-Link DSP-W215 Information Disclosure Vulnerability

The D-Link DSP-W215 is a smart plug product from Taiwan, China-based AUO D-Link. A security vulnerability exists in D-Link DSP-W215 version 1.26b03. An attacker can exploit the vulnerability to obtain information...

Design/Logic Flaw

D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer...

CVE-2020-13135

D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy...

CVE-2020-13136

CVE-2020-13136 affects D-Link DSP-W215 (version 1.26b03): the device transmits an obfuscated hash that can be intercepted and decoded by a network sniffer, enabling information disclosure. The NVD records a CVSS2 base score of 5.0 (Medium) and CVSS3.1 base score of 7.5 (High) with network access ...

PT-2020-13350 · D Link · D-Link Dsp-W215

Name of the Vulnerable Software and Affected Versions: D-Link DSP-W215 version 1.26b03 Description: The issue concerns the transmission of an obfuscated hash by the device, which can be intercepted and decoded by a network sniffer. Recommendations: For D-Link DSP-W215 version 1.26b03, consider...