D-Link多款产品 安全漏洞

The D-Link DSR-250N, among others, is a Unified Services Router from China-based AUO D-Link. A security vulnerability exists in various D-Link products. An attacker exploiting the vulnerability can remotely execute code. The following products are affected: DSR-150, DSR-150N, DSR-250, DSR-250N,...

The vulnerability of the /etc/passwd component in the D-Link DSR-500N router’s microprogramming system allows a hacker to gain access to the device’s basic embedded Linux operating system.

The vulnerability of the /etc/passwd component in the D-Link DSR-500N router’s microprogramming system is related to the use of pre-installed user accounts. Exploiting this vulnerability could allow a malicious actor to gain access to the device’s basic embedded Linux operating system...

D-Link DSR-500N Default Account Vulnerability

A security vulnerability exists in the D-Link DSR-500N, a wireless router from D-Link, Taiwan, China, which stems from the fact that version 1.02 of the D-Link DSR-500N contains hard-coded credentials for user accounts that are not documented in the "etc/passwd" file. The vulnerability is caused ...

CVE-2021-39615

D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying...

Hardcoded credentials

UNSUPPORTED WHEN ASSIGNED D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain acce...

CVE-2021-39615

The D-Link DSR-500N is affected by CVE-2021-39615 in version 1.02, where hard-coded credentials for undocumented accounts in /etc/passwd allow an attacker to log in via SSH or Telnet and gain access to the embedded Linux OS. The issue is fixed in firmware version 2.12/2. This vulnerability is not...

D-Link DSR-500N 信任管理问题漏洞

A security vulnerability exists in the D-Link DSR-500N, a wireless router from D-Link, Taiwan, China, which stems from the fact that version 1.02 of the D-Link DSR-500N contains hard-coded credentials for user accounts that are not documented in the "etc/passwd" file. The vulnerability is caused ...

PT-2021-4449 · D Link · Dsr-500N

Name of the Vulnerable Software and Affected Versions: D-Link DSR-500N version 1.02 D-Link DSR-500N versions prior to 2.12/2 Description: The issue is related to hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. If an attacker recovers the cleartext password of the...

D-Link DSR Router Series - Remote Root Shell Exploit

No description provided by source. !/usr/bin/python CVEs: CVE-2013-5945 - Authentication Bypass by SQL-Injection CVE-2013-5946 - Privilege Escalation by Arbitrary Command Execution Vulnerable Routers: D-Link DSR-150 Firmware v1.08B44 D-Link DSR-150N Firmware v1.05B64 D-Link DSR-250 and DSR-250N...

CVE-2013-5946

The runShellCmd function in systemCheck.htm in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allows remote attackers to execute...

PT-2013-1294 · D Link · Dsr-500N +6

Name of the Vulnerable Software and Affected Versions: D-Link DSR-150 versions prior to 1.08B44 D-Link DSR-150N versions prior to 1.05B64 D-Link DSR-250 versions prior to 1.08B44 D-Link DSR-250N versions prior to 1.08B44 D-Link DSR-500 versions prior to 1.08B77 D-Link DSR-500N versions prior to...