Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-5996 | 1 Mediabridge | 2 Medialink Mwn-wapr300n, Medialink Mwn-wapr300n Firmware | 2018-07-27 | 6.8 MEDIUM | 8.8 HIGH |
Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 allows remote attackers to hijack the authentication of arbitrary users. | |||||
CVE-2015-5994 | 1 Mediabridge | 2 Medialink Mwn-wapr300n, Medialink Mwn-wapr300n Firmware | 2015-12-31 | 7.9 HIGH | 6.8 MEDIUM |
The web management interface on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 has a default password of admin for the admin account and a default password of password for the medialink account, which allows remote attackers to obtain administrative privileges by leveraging a Wi-Fi session. | |||||
CVE-2015-5995 | 2 Mediabridge, Tenda | 3 Medialink Mwn-wapr300n, Medialink Mwn-wapr300n Firmware, N3 Wireless N150 | 2015-12-31 | 10.0 HIGH | 9.8 CRITICAL |
Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 and Tenda N3 Wireless N150 devices allow remote attackers to obtain administrative access via a certain admin substring in an HTTP Cookie header. |