CVE-2015-5536

Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinCode parameter in a (2) formWpsStart or (3) formiNICWpsStart request; (4) wps_enrolee_pin parameter in a formWlanSetupWPS request; or unspecified parameters in a (5) formWlanMP, (6) formBSSetSitesurvey, (7) formHwSet, or (8) formConnectionSetting request.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:belkin:n300_dual-band_wi-fi_range_extender_firmware:1.0.0:*:*:*:*:*:*:*
cpe:2.3:h:belkin:n300_dual-band_wi-fi_range_extender:*:*:*:*:*:*:*:*

Information

Published : 2015-08-13 07:59

Updated : 2016-12-23 18:59


NVD link : CVE-2015-5536

Mitre link : CVE-2015-5536


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

belkin

  • n300_dual-band_wi-fi_range_extender
  • n300_dual-band_wi-fi_range_extender_firmware