CVE-2015-5994

Vulnerability

The Mediabridge Medialink MWN-WAPR300N wireless router, running firmware version 5.07.50 (and possibly earlier), uses non-unique default credentials for its web management interface and wireless network. The admin account is set to admin:admin, and the wireless network (medialink) uses medialink:password. These credentials are documented in the CERT/CC vulnerability note [1].

Exploitation

An attacker within Wi-Fi range of a router using default settings can connect to the wireless network using the default medialink:password credentials. Once connected, the attacker can access the web management interface at the router's IP address and log in with the default admin:admin credentials, gaining privileged access without any additional authentication or user interaction [1].

Impact

Successful exploitation grants the attacker full administrative privileges over the router's web management interface. This allows the attacker to change configuration settings, modify wireless security, view or alter network traffic, and potentially pivot to other devices on the network. The compromise is at the highest privilege level (admin) and affects the confidentiality, integrity, and availability of the router and connected systems [1].

Mitigation

Users should change the default credentials for both the admin account and the wireless network immediately. The vendor has not released a firmware update to address this issue; the CERT/CC note recommends changing passwords as the primary mitigation. If the device is no longer supported, replacement with a patched model is advised [1].