Dwr 932b Firmware
Sign in to watchby Dlink
CVEs (10)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-10182 | Cri | 0.68 | 9.8 | 0.49 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with ` characters. | |
| CVE-2016-10178 | Cri | 0.65 | 9.8 | 0.22 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/sh" command. | |
| CVE-2016-10177 | Cri | 0.65 | 9.8 | 0.20 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234. | |
| CVE-2016-10181 | Hig | 0.50 | 7.5 | 0.12 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for CfgType=get_homeCfg requests. | |
| CVE-2016-10179 | Hig | 0.50 | 7.5 | 0.12 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607. | |
| CVE-2016-10186 | Hig | 0.49 | 7.5 | 0.03 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules. | |
| CVE-2016-10185 | Hig | 0.49 | 7.5 | 0.03 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. A secure_mode=no line exists in /var/miniupnpd.conf. | |
| CVE-2016-10184 | Hig | 0.49 | 7.5 | 0.06 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal. | |
| CVE-2016-10183 | Hig | 0.49 | 7.5 | 0.06 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal. | |
| CVE-2016-10180 | Hig | 0.49 | 7.5 | 0.04 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding. |