CVE: CVE-2015-5994 - CVE-Search

CVE Details for CVE: CVE-2015-5994

Summary

The web management interface on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 has a default password of admin for the admin account and a default password of password for the medialink account, which allows remote attackers to obtain administrative privileges by leveraging a Wi-Fi session.

Timestamps
Last major update	31-12-2015 - 21:11
Published	31-12-2015 - 05:59
Last modified	31-12-2015 - 21:11

References

https://www.kb.cert.org/vuls/id/630872

Vulnerable Configurations

cpe:2.3:o:mediabridge:medialink_mwn-wapr300n_firmware:5.07.50:*:*:*:*:*:*:*
cpe:2.3:o:mediabridge:medialink_mwn-wapr300n_firmware:5.07.50:*:*:*:*:*:*:*
cpe:2.3:h:mediabridge:medialink_mwn-wapr300n:*:*:*:*:*:*:*:*
cpe:2.3:h:mediabridge:medialink_mwn-wapr300n:*:*:*:*:*:*:*:*

CAPEC

Click the CAPEC title to display a description

CWE

CWE-255

CVSS

Base

7.9

Impact

10.0

Exploitability

5.5

Access

Vector	Complexity	Authentication
ADJACENT_NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

CVSS3

Base

6.8

Impact

5.9

Exploitability

0.9

Access

Attack Complexity	Attack vector	Privileges Required	Scope	User Interaction
LOW	ADJACENT_NETWORK	HIGH	UNCHANGED	NONE

Impact

Confidentiality	Integrity	Availability
HIGH	HIGH	HIGH

VIA4 references

cvss-vector via4

AV:A/AC:M/Au:N/C:C/I:C/A:C

cvss3-vector via4

CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

refmap via4

cert-vn

VU#630872