Default credentials

2020-02-1915:15:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.6%

JSON

D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain “persistent root access” via the BusyBox CLI, as demonstrated by overwriting the super user password.

CPENameOperatorVersion
dsr-250n_firmwareeq< 1.8b31

CPE	Name	Operator	Version
	dsr-250n_firmware	eq	< 1.8b31

References

ftp://ftp2.dlink.com/PRODUCTS/DSR-250N/REVA/DSR-SERIES_RELEASE_NOTES_v3.14.pdf

packetstormsecurity.com/files/118355/D-Link-DSR-250N-Backdoor.html

www.exploit-db.com/exploits/22930/