CVE-2013-7004

D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 have a hardcoded account of username gkJ9232xXyruTRmY, which makes it easier for remote attackers to obtain access by leveraging knowledge of the username.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
dlinkdsr-500_firmware
𝑥
≤ 1.08b51
dlinkdsr-500_firmware
1.02b11:b11
dlinkdsr-500_firmware
1.02b25:b25
dlinkdsr-500_firmware
1.03b12:b12
dlinkdsr-500_firmware
1.03b23:b23
dlinkdsr-500_firmware
1.03b27:b27
dlinkdsr-500_firmware
1.03b36:b36
dlinkdsr-500_firmware
1.03b43:b43
dlinkdsr-500_firmware
1.04b58:b58
dlinkdsr-500_firmware
1.06b43:b43
dlinkdsr-500_firmware
1.06b53:b53
dlinkdsr-500
-
dlinkdsr-150n_firmware
𝑥
≤ 1.05b48
dlinkdsr-150n
-
dlinkdsr-250n_firmware
𝑥
≤ 1.08b39
dlinkdsr-250n_firmware
1.01b46:b46
dlinkdsr-250n_firmware
1.01b56:b56
dlinkdsr-250n_firmware
1.05b20:b20
dlinkdsr-250n_firmware
1.05b53:b53
dlinkdsr-250n_firmware
1.08b31:b31
dlinkdsr-150_firmware
𝑥
≤ 1.08b29
dlinkdsr-150_firmware
1.05b29:b29
dlinkdsr-150_firmware
1.05b35:b35
dlinkdsr-150_firmware
1.05b46:b46
dlinkdsr-150_firmware
1.05b50:b50
dlinkdsr-150
-
dlinkdsr-500n_firmware
𝑥
≤ 1.08b51
dlinkdsr-500n_firmware
1.02b11:b11
dlinkdsr-500n_firmware
1.02b25:b25
dlinkdsr-500n_firmware
1.03b12:b12
dlinkdsr-500n_firmware
1.03b23:b23
dlinkdsr-500n_firmware
1.03b27:b27
dlinkdsr-500n_firmware
1.03b36:b36
dlinkdsr-500n_firmware
1.03b43:b43
dlinkdsr-500n_firmware
1.04b58:b58
dlinkdsr-500n_firmware
1.06b43:b43
dlinkdsr-500n_firmware
1.06b53:b53
dlinkdsr-500n
-
dlinkdsr-1000n_firmware
𝑥
≤ 1.08b51
dlinkdsr-1000n_firmware
1.01b50:b50
dlinkdsr-1000n_firmware
1.02b11:b11
dlinkdsr-1000n_firmware
1.02b25:b25
dlinkdsr-1000n_firmware
1.03b12:b12
dlinkdsr-1000n_firmware
1.03b23:b23
dlinkdsr-1000n_firmware
1.03b27:b27
dlinkdsr-1000n_firmware
1.03b36:b36
dlinkdsr-1000n_firmware
1.03b43:b43
dlinkdsr-1000n_firmware
1.04b58:b58
dlinkdsr-1000n_firmware
1.06b43:b43
dlinkdsr-1000n_firmware
1.06b53:b53
dlinkdsr-1000n
-
dlinkdsr-250_firmware
𝑥
≤ 1.08b39
dlinkdsr-250_firmware
1.01b46:b46
dlinkdsr-250_firmware
1.01b56:b56
dlinkdsr-250_firmware
1.05b20:b20
dlinkdsr-250_firmware
1.05b53:b53
dlinkdsr-250_firmware
1.08b31:b31
dlinkdsr-250
-
dlinkdsr-1000_firmware
𝑥
≤ 1.08b51
dlinkdsr-1000_firmware
1.01b50:b50
dlinkdsr-1000_firmware
1.02b11:b11
dlinkdsr-1000_firmware
1.02b25:b25
dlinkdsr-1000_firmware
1.03b12:b12
dlinkdsr-1000_firmware
1.03b23:b23
dlinkdsr-1000_firmware
1.03b27:b27
dlinkdsr-1000_firmware
1.03b36:b36
dlinkdsr-1000_firmware
1.03b43:b43
dlinkdsr-1000_firmware
1.04b58:b58
dlinkdsr-1000_firmware
1.06b43:b43
dlinkdsr-1000_firmware
1.06b53:b53
dlinkdsr-1000
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tsd.dlink.com.tw/temp/PMD/12879/DSR-500_500N_1000_1000N_A1_Release_Notes_FW_v1.08B77_WW.pdf
http://tsd.dlink.com.tw/temp/PMD/12960/DSR-150N_A2_Release_Notes_FW_v1.05B64_WW.pdf
http://tsd.dlink.com.tw/temp/PMD/12966/DSR-150_A1_A2_Release_Notes_FW_v1.08B44_WW.pdf
http://tsd.dlink.com.tw/temp/PMD/13039/DSR-250_250N_A1_A2_Release_Notes_FW_v1.08B44_WW_RU.pdf
http://www.exploit-db.com/exploits/30061
http://tsd.dlink.com.tw/temp/PMD/12879/DSR-500_500N_1000_1000N_A1_Release_Notes_FW_v1.08B77_WW.pdf
http://tsd.dlink.com.tw/temp/PMD/12960/DSR-150N_A2_Release_Notes_FW_v1.05B64_WW.pdf
http://tsd.dlink.com.tw/temp/PMD/12966/DSR-150_A1_A2_Release_Notes_FW_v1.08B44_WW.pdf
http://tsd.dlink.com.tw/temp/PMD/13039/DSR-250_250N_A1_A2_Release_Notes_FW_v1.08B44_WW_RU.pdf
http://www.exploit-db.com/exploits/30061