CVE-2016-1559
HIGHD-Link DAP-1353/DAP-2553/DAP-3520 - Exposure of Sensitive Information via SNMP
Title source: llmDescription
D-Link DAP-1353 H/W vers. B1 3.15 and earlier, D-Link DAP-2553 H/W ver. A1 1.31 and earlier, and D-Link DAP-3520 H/W ver. A1 1.16 and earlier reveal wireless passwords and administrative usernames and passwords over SNMP.
References (3)
Core 3
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.dlink.com/mk/mk/support/support-news/2016/march/16/firmadyne-cve_2016_1558-cve_2016_1559
Broken Link, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2016/Feb/112
Scores
CVSS v3
8.1
EPSS
0.0330
EPSS Percentile
87.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-200
Status
published
Products (3)
d-link/dap-1353_h\/w_b1_firmware
3.15
d-link/dap-2553_h\/w_a1_firmware
1.31
d-link/dap-3520_h\/w_a1_firmware
1.16
Published
Apr 21, 2017
Tracked Since
Feb 18, 2026