Dlink Dwr-932b
10 CVEs affecting Dlink Dwr-932b. Latest disclosed: 2017-01-30. Critical: 3, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-10182 | Critical | 9.8 | 2017-01-30 | An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with ` characters. |
CVE-2016-10178 | Critical | 9.8 | 2017-01-30 | An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/sh" command. |
CVE-2016-10177 | Critical | 9.8 | 2017-01-30 | An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the pā¦ |
CVE-2016-10186 | High | 7.5 | 2017-01-30 | An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules. |
CVE-2016-10185 | High | 7.5 | 2017-01-30 | An issue was discovered on the D-Link DWR-932B router. A secure_mode=no line exists in /var/miniupnpd.conf. |
CVE-2016-10184 | High | 7.5 | 2017-01-30 | An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal. |
CVE-2016-10183 | High | 7.5 | 2017-01-30 | An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal. |
CVE-2016-10181 | High | 7.5 | 2017-01-30 | An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for CfgType=get_homeCfg requests. |
CVE-2016-10180 | High | 7.5 | 2017-01-30 | An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding. |
CVE-2016-10179 | High | 7.5 | 2017-01-30 | An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607. |