CVE-2015-7246

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/135590/D-Link-DVG-N5402SP-Path-Traversal-Information-Disclosure.html
http://seclists.org/fulldisclosure/2016/Feb/24
https://www.exploit-db.com/exploits/39409/
http://packetstormsecurity.com/files/135590/D-Link-DVG-N5402SP-Path-Traversal-Information-Disclosure.html
http://seclists.org/fulldisclosure/2016/Feb/24
https://www.exploit-db.com/exploits/39409/