This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Ampedwireless First view 2015-12-31
Product r10000 Firmware Last view 2015-12-31
Version 2.5.2.11 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:ampedwireless:r10000_firmware

Activity : Overall

Related : CVE

  Date Alert Description
5.3 2015-12-31 CVE-2015-7279

Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value.

8.8 2015-12-31 CVE-2015-7278

Cross-site request forgery (CSRF) vulnerability on Amped Wireless R10000 devices with firmware 2.5.2.11 allows remote attackers to hijack the authentication of arbitrary users.

9.8 2015-12-31 CVE-2015-7277

The web administration interface on Amped Wireless R10000 devices with firmware 2.5.2.11 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-352 Cross-Site Request Forgery (CSRF)
50% (1) CWE-255 Credentials Management