CVE-2015-7247

CRITICAL

D-link Dvg-n5402sp Firmware - Information Disclosure

Title source: rule

Description

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information.

Exploits (1)

exploitdb WRITEUP
by Karn Ganeshen · textwebappshardware
https://www.exploit-db.com/exploits/39409

References (3)

Scores

CVSS v3 9.8
EPSS 0.3094
EPSS Percentile 96.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-200
Status published
Products (3)
d-link/dvg-n5402sp_firmware w1000cn-00
d-link/dvg-n5402sp_firmware w1000cn-03
d-link/dvg-n5402sp_firmware w2000en-00
Published Apr 24, 2017
Tracked Since Feb 18, 2026