Sign-up

ID

VAR-E-201701-0681


CVE

cve_id:CVE-2016-10185

Trust: 0.3

cve_id:CVE-2016-10184

Trust: 0.3

cve_id:CVE-2016-10182

Trust: 0.3

cve_id:CVE-2016-10181

Trust: 0.3

cve_id:CVE-2016-10186

Trust: 0.3

cve_id:CVE-2016-10180

Trust: 0.3

cve_id:CVE-2016-10178

Trust: 0.3

cve_id:CVE-2016-10183

Trust: 0.3

cve_id:CVE-2016-10179

Trust: 0.3

cve_id:CVE-2016-10177

Trust: 0.3

sources: BID: 95877

TITLE

Dlink DWR-932B Multiple Security Vulnerabilities

Trust: 0.3

sources: BID: 95877

DESCRIPTION

Dlink DWR-932B is prone to the following security vulnerabilities:
1. An insecure default-password vulnerability
2. An authentication-bypass vulnerability
3. A security-bypass vulnerability
4. Multiple security weaknesses
5. An information-disclosure vulnerability
6. A command-injection vulnerability
7. Multiple directory-traversal vulnerabilities
An attacker can exploit these issues to bypass certain security restrictions to perform unauthorized actions, bypass-authentication mechanism, gain access to potentially sensitive information, or execute arbitrary commands in the context of the affected device. This may lead to further attacks.

Trust: 0.3

sources: BID: 95877

AFFECTED PRODUCTS

vendor:d linkmodel:dwr-932bscope:eqversion:0

Trust: 0.3

sources: BID: 95877

EXPLOIT

The researcher who discovered these issues has created proof-of-concepts. Please see the references for more information.

Trust: 0.3

sources: BID: 95877

PRICE

Free

Trust: 0.3

sources: BID: 95877

TYPE

Unknown

Trust: 0.3

sources: BID: 95877

CREDITS

Pierre Kim

Trust: 0.3

sources: BID: 95877

EXTERNAL IDS

db:NVDid:CVE-2016-10185

Trust: 0.3

db:NVDid:CVE-2016-10184

Trust: 0.3

db:NVDid:CVE-2016-10182

Trust: 0.3

db:NVDid:CVE-2016-10181

Trust: 0.3

db:NVDid:CVE-2016-10186

Trust: 0.3

db:NVDid:CVE-2016-10180

Trust: 0.3

db:NVDid:CVE-2016-10178

Trust: 0.3

db:NVDid:CVE-2016-10183

Trust: 0.3

db:NVDid:CVE-2016-10179

Trust: 0.3

db:NVDid:CVE-2016-10177

Trust: 0.3

db:BIDid:95877

Trust: 0.3

sources: BID: 95877

REFERENCES

url:https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html

Trust: 0.3

url:http://www.dlink.com/

Trust: 0.3

sources: BID: 95877

SOURCES

db:BIDid:95877

LAST UPDATE DATE

2022-07-27T09:32:29.088000+00:00


SOURCES UPDATE DATE

db:BIDid:95877date:2017-02-02T02:03:00

SOURCES RELEASE DATE

db:BIDid:95877date:2017-01-29T00:00:00