This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Readynet Solutions | First view | 2015-12-31 |
| Product | wrt300n-Dd Firmware | Last view | 2015-12-31 |
| Version | 1.0.26 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:readynet_solutions:wrt300n-dd_firmware | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.8 | 2015-12-31 | CVE-2015-7282 | ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port. |
| 8.8 | 2015-12-31 | CVE-2015-7281 | Cross-site request forgery (CSRF) vulnerability on ReadyNet WRT300N-DD devices with firmware 1.0.26 allows remote attackers to hijack the authentication of arbitrary users. |
| 9.8 | 2015-12-31 | CVE-2015-7280 | The web administration interface on ReadyNet WRT300N-DD devices with firmware 1.0.26 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 33% (1) | CWE-255 | Credentials Management |
| 33% (1) | CWE-20 | Improper Input Validation |
