CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
96.9%
An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. The administrative password is stored in plaintext in the /tmp/csman/0 file. An attacker having a directory traversal (or LFI) can easily get full router access.
Vendor | Product | Version | CPE |
---|---|---|---|
dlink | dwr-116_firmware | * | cpe:2.3:o:dlink:dwr-116_firmware:*:*:*:*:*:*:*:* |
dlink | dwr-116 | - | cpe:2.3:h:dlink:dwr-116:-:*:*:*:*:*:*:* |
dlink | dir-140l_firmware | * | cpe:2.3:o:dlink:dir-140l_firmware:*:*:*:*:*:*:*:* |
dlink | dir-140l | - | cpe:2.3:h:dlink:dir-140l:-:*:*:*:*:*:*:* |
dlink | dir-640l_firmware | * | cpe:2.3:o:dlink:dir-640l_firmware:*:*:*:*:*:*:*:* |
dlink | dir-640l | - | cpe:2.3:h:dlink:dir-640l:-:*:*:*:*:*:*:* |
dlink | dwr-512_firmware | * | cpe:2.3:o:dlink:dwr-512_firmware:*:*:*:*:*:*:*:* |
dlink | dwr-512 | - | cpe:2.3:h:dlink:dwr-512:-:*:*:*:*:*:*:* |
dlink | dwr-712_firmware | * | cpe:2.3:o:dlink:dwr-712_firmware:*:*:*:*:*:*:*:* |
dlink | dwr-712 | - | cpe:2.3:h:dlink:dwr-712:-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
96.9%