Published: 23/02/2017 Updated: 16/08/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware prior to 1.31.B003 allow malicious users to conduct Unauthenticated Information Disclosure attacks via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dlink websmart_dgs-1510_series_firmware

================ get-user-infopy ================ import re import ospath import urllib2 import base64 import gzip import zlib from StringIO import StringIO from io import BytesIO def make_requests(): """Calls request functions sequentially""" response = [None] responseText = None if(request_ip(response)): # Success, possibly use respon ...

The DGS-1510 Websmart switch series firmware has been found to have security vulneratiblies. The vulnerabilities include unauthenticated command bypass and unauthenticated information disclosure.

CVE-2017-6206 The DGS-1510 Websmart switch series firmware has been found to have security vulneratiblies The vulnerabilities include unauthenticated command bypass and unauthenticated information disclosure exploitsh contains both PoC code and it will create a remote user at specified D-Link Enterprise Switch Without Authentication vamin$ sh exploitsh "1111" #

D-Link resolves enterprise switch hacker risk

The Register • John Leyden • 27 Feb 2017

Don't wait - update now

D-Link has resolved an authentication bypass flaw in one of its enterprise switches. Flaws in the vendor's DGS-1510 enterprise switch kit, discovered by security researchers Varang Amin and Aditya Sood, were resolved with a firmware update (pdf advisory here). Left unresolved, the security bug can create an unauthenticated command bypass and presents unauthenticated information disclosure risk. "A remote attacker can exploit the authentication bypass vulnerabilities to execute remote and local c...

CVE-2017-6206

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect