Sign-up

ID

VAR-201512-0077


CVE

CVE-2015-5994


TITLE

Mediabridge Medialink Wireless-N Broadband Router MWN-WAPR300N contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#630872

DESCRIPTION

The web management interface on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 has a default password of admin for the admin account and a default password of password for the medialink account, which allows remote attackers to obtain administrative privileges by leveraging a Wi-Fi session. Mediabridge Medialink Wireless-N Broadband Router MWN-WAPR300N, firmware version 5.07.50 and possibly earlier, uses non-unique default credentials and is vulnerable to universal authentication bypass and cross-site request forgery (CSRF). Mediabridge Provided by Medialink Wireless-N Broadband Router The default settings use the same authentication information for all devices. There are also authentication bypass vulnerabilities and cross-site request forgery vulnerabilities. admin:admin The authentication information is used. Also for wireless networks medialink:password Common authentication information is used. These authentication information is common to all devices. If the product is used with default settings, an attacker within range of the wireless network may directly manipulate the web interface or be used for attacks such as cross-site request forgery. CWE-255: Credentials Management https://cwe.mitre.org/data/definitions/255.html Without security and verification of security decisions Cookie Trust (CWE-784) - CVE-2015-5995 The product is sent from the client HTTP Cookie Authentication is performed by checking the header value. LAN By attackers who can connect to HTTP Cookie Header is "Cookie: language-en; admin:language-en" If the authentication information is not known, it may be accessed with administrator privileges. CWE-784: Reliance on Cookies without Validation and Integrity Checking in a Security Decision https://cwe.mitre.org/data/definitions/784.html In addition, National Vulnerability Database (NVD) Then CWE-264 It is published as Cross-site request forgery (CWE-352) - CVE-2015-5996 The product contains a cross-site request forgery vulnerability. A user who has logged in to the product has been prepared by a remote attacker URL By accessing, you may be able to operate the product. The default setting of the product allows attacks even when the user is not logged in. CWE-352: Cross-Site Request Forgery (CSRF) https://cwe.mitre.org/data/definitions/352.htmlA remote attacker may be able to cause unintended operations by users who are logged into the product. Also, LAN An attacker with access to your device could bypass the authentication and manipulate your device directly. Mediabridge Medialink Wireless-N Broadband Router MWN-WAPR300N is a wireless broadband router product. Mediabridge Medialink Wireless-N Broadband Router is prone to the following multiple security vulnerabilities. 1. An authentication-bypass vulnerability 2. A security-bypass vulnerability 3. Other attacks are also possible. A remote attacker could exploit this vulnerability via a Wi-Fi session to gain administrator privileges

Trust: 3.24

sources: NVD: CVE-2015-5994 // CERT/CC: VU#630872 // JVNDB: JVNDB-2015-004731 // CNVD: CNVD-2015-06116 // BID: 76609 // VULHUB: VHN-83955

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-06116

AFFECTED PRODUCTS

vendor:mediabridgemodel:medialink mwn-wapr300nscope:lteversion:5.07.50

Trust: 1.0

vendor:mediabridgemodel: - scope: - version: -

Trust: 0.8

vendor:tendamodel: - scope: - version: -

Trust: 0.8

vendor:mediabridgemodel:medialink wireless-n broadband router mwn-wapr300nscope: - version: -

Trust: 0.8

vendor:mediabridgemodel:medialink wireless-n broadband router mwn-wapr300nscope:eqversion:version 5.07.50

Trust: 0.8

vendor:mediabridgemodel:products medialink wireless-n broadband router mwn-wapr300nscope: - version: -

Trust: 0.6

vendor:mediabridgemodel:medialink mwn-wapr300nscope:eqversion:5.07.50

Trust: 0.6

vendor:mediabridgemodel:medialink wireless-n broadband router mwn-wapr300nscope:eqversion:5.07.50

Trust: 0.3

sources: CERT/CC: VU#630872 // CNVD: CNVD-2015-06116 // BID: 76609 // JVNDB: JVNDB-2015-004731 // CNNVD: CNNVD-201509-204 // NVD: CVE-2015-5994

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-5994
value: MEDIUM

Trust: 1.0

IPA: JVNDB-2015-004731
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-06116
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201509-204
value: HIGH

Trust: 0.6

VULHUB: VHN-83955
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-5994
severity: HIGH
baseScore: 7.9
vectorString: AV:A/AC:M/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2015-004731
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2015-06116
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-83955
severity: HIGH
baseScore: 7.9
vectorString: AV:A/AC:M/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-5994
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: CNVD: CNVD-2015-06116 // VULHUB: VHN-83955 // JVNDB: JVNDB-2015-004731 // CNNVD: CNNVD-201509-204 // NVD: CVE-2015-5994

PROBLEMTYPE DATA

problemtype:CWE-255

Trust: 1.9

problemtype:CWE-Other

Trust: 0.8

problemtype:CWE-352

Trust: 0.8

problemtype:CWE-264

Trust: 0.8

sources: VULHUB: VHN-83955 // JVNDB: JVNDB-2015-004731 // NVD: CVE-2015-5994

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201509-204

TYPE

trust management

Trust: 0.6

sources: CNNVD: CNNVD-201509-204

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-004731

PATCH
title:Medialink Wireless-N Broadband Router with Internal Antennas (300 Mbps)url:http://www.mediabridgeproducts.com/store/pc/viewPrd.asp?idproduct=374
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-004731

EXTERNAL IDS
db:CERT/CCid:VU#630872
Trust: 4.2
db:NVDid:CVE-2015-5994
Trust: 3.4
db:JVNid:JVNVU94201169
Trust: 0.8
db:JVNDBid:JVNDB-2015-004731
Trust: 0.8
db:CNNVDid:CNNVD-201509-204
Trust: 0.7
db:CNVDid:CNVD-2015-06116
Trust: 0.6
db:BIDid:76609
Trust: 0.3
db:VULHUBid:VHN-83955
Trust: 0.1
sources:
            
            
            CERT/CC: VU#630872 // 
            
            
            
            CNVD: CNVD-2015-06116 // 
            
            
            
            VULHUB: VHN-83955 // 
            
            
            
            BID: 76609 // 
            
            
            
            JVNDB: JVNDB-2015-004731 // 
            
            
            
            CNNVD: CNNVD-201509-204 // 
            
            
            
            NVD: CVE-2015-5994

REFERENCES
url:https://www.kb.cert.org/vuls/id/630872
Trust: 3.4
url:https://www.mediabridgeproducts.com/store/pc/viewprd.asp?idproduct=374&idcategory=198
Trust: 0.8
url:http://www.tekrevue.com/one-mistake-fall-mediabridge/
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/255.html
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/784.html
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/352.html
Trust: 0.8
url:http://seclists.org/fulldisclosure/2016/may/60
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5994
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5995
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5996
Trust: 0.8
url:http://jvn.jp/vu/jvnvu94201169/index.html
Trust: 0.8
url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5994
Trust: 0.8
url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5995
Trust: 0.8
url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5996
Trust: 0.8
url:https://www.mediabridgeproducts.com/store/pc/viewprd.asp?idproduct=374
Trust: 0.6
url:http://www.mediabridgeproducts.com/store/pc/home.asp
Trust: 0.3
sources:
            
            
            CERT/CC: VU#630872 // 
            
            
            
            CNVD: CNVD-2015-06116 // 
            
            
            
            VULHUB: VHN-83955 // 
            
            
            
            BID: 76609 // 
            
            
            
            JVNDB: JVNDB-2015-004731 // 
            
            
            
            CNNVD: CNNVD-201509-204 // 
            
            
            
            NVD: CVE-2015-5994

CREDITS
Joel Land of the CERT/CC.
Trust: 0.3
sources:
            
            
            BID: 76609

SOURCES
db:CERT/CCid:VU#630872
db:CNVDid:CNVD-2015-06116
db:VULHUBid:VHN-83955
db:BIDid:76609
db:JVNDBid:JVNDB-2015-004731
db:CNNVDid:CNNVD-201509-204
db:NVDid:CVE-2015-5994

LAST UPDATE DATE
2024-11-23T22:13:22.016000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#630872date:2016-05-31T00:00:00
db:CNVDid:CNVD-2015-06116date:2015-09-22T00:00:00
db:VULHUBid:VHN-83955date:2015-12-31T00:00:00
db:BIDid:76609date:2015-09-03T00:00:00
db:JVNDBid:JVNDB-2015-004731date:2016-01-07T00:00:00
db:CNNVDid:CNNVD-201509-204date:2016-01-04T00:00:00
db:NVDid:CVE-2015-5994date:2024-11-21T02:34:15.757

SOURCES RELEASE DATE
db:CERT/CCid:VU#630872date:2015-09-03T00:00:00
db:CNVDid:CNVD-2015-06116date:2015-09-22T00:00:00
db:VULHUBid:VHN-83955date:2015-12-31T00:00:00
db:BIDid:76609date:2015-09-03T00:00:00
db:JVNDBid:JVNDB-2015-004731date:2015-09-18T00:00:00
db:CNNVDid:CNNVD-201509-204date:2015-09-17T00:00:00
db:NVDid:CVE-2015-5994date:2015-12-31T05:59:11.487