2 matches found
CVE-2017-14422
D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 and REV. B with firmware through FW208WWb02 devices use the same hardcoded /etc/stunnel.key private key across different customers' installations, which allows remote attackers to defeat the HTTPS cryptographic protection mechanisms...
CVE-2017-14422
The CVE-2017-14422 entry applies to D-Link DIR-850L REV. A (firmware FW114WWb07_h2ab_beta1) and REV. B (FW208WWb02). The root cause is a hardcoded private key in /etc/stunnel.key across installations, which could allow remote attackers to bypass HTTPS protection by exploiting knowledge of that ke...