DWR-932B

CVEs (10)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-10182	Dlink Dwr 932b Firmware	Cri	0.68	9.8	0.49	Jan 30, 2017	An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with ` characters.
CVE-2016-10178	Dlink Dwr 932b Firmware	Cri	0.65	9.8	0.22	Jan 30, 2017	An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/sh" command.
CVE-2016-10177	Dlink Dwr 932b Firmware	Cri	0.65	9.8	0.20	Jan 30, 2017	An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234.
CVE-2016-10181	Dlink Dwr 932b Firmware	Hig	0.50	7.5	0.12	Jan 30, 2017	An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for CfgType=get_homeCfg requests.
CVE-2016-10179	Dlink Dwr 932b Firmware	Hig	0.50	7.5	0.12	Jan 30, 2017	An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607.
CVE-2016-10186	Dlink Dwr 932b Firmware	Hig	0.49	7.5	0.04	Jan 30, 2017	An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules.
CVE-2016-10185	Dlink Dwr 932b Firmware	Hig	0.49	7.5	0.04	Jan 30, 2017	An issue was discovered on the D-Link DWR-932B router. A secure_mode=no line exists in /var/miniupnpd.conf.
CVE-2016-10184	Dlink Dwr 932b Firmware	Hig	0.49	7.5	0.07	Jan 30, 2017	An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal.
CVE-2016-10183	Dlink Dwr 932b Firmware	Hig	0.49	7.5	0.07	Jan 30, 2017	An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal.
CVE-2016-10180	Dlink Dwr 932b Firmware	Hig	0.49	7.5	0.03	Jan 30, 2017	An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding.

CVE-2016-10182CriJan 30, 2017
Dlink
Dwr 932b Firmware
risk 0.68cvss 9.8epss 0.49
An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with ` characters.
CVE-2016-10178CriJan 30, 2017
Dlink
Dwr 932b Firmware
risk 0.65cvss 9.8epss 0.22
An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/sh" command.
CVE-2016-10177CriJan 30, 2017
Dlink
Dwr 932b Firmware
risk 0.65cvss 9.8epss 0.20
An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234.
CVE-2016-10181HigJan 30, 2017
Dlink
Dwr 932b Firmware
risk 0.50cvss 7.5epss 0.12
An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for CfgType=get_homeCfg requests.
CVE-2016-10179HigJan 30, 2017
Dlink
Dwr 932b Firmware
risk 0.50cvss 7.5epss 0.12
An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607.
CVE-2016-10186HigJan 30, 2017
Dlink
Dwr 932b Firmware
risk 0.49cvss 7.5epss 0.04
An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules.
CVE-2016-10185HigJan 30, 2017
Dlink
Dwr 932b Firmware
risk 0.49cvss 7.5epss 0.04
An issue was discovered on the D-Link DWR-932B router. A secure_mode=no line exists in /var/miniupnpd.conf.
CVE-2016-10184HigJan 30, 2017
Dlink
Dwr 932b Firmware
risk 0.49cvss 7.5epss 0.07
An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal.
CVE-2016-10183HigJan 30, 2017
Dlink
Dwr 932b Firmware
risk 0.49cvss 7.5epss 0.07
An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal.
CVE-2016-10180HigJan 30, 2017
Dlink
Dwr 932b Firmware
risk 0.49cvss 7.5epss 0.03
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding.