PT-2013-1294 · D Link · Dsr-250+6

Published: 2013-10-01 · Updated: 2023-04-26 · CVE-2013-7004

CVSS v2.0: 9.4 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions

D-Link DSR-150 versions prior to 1.08B44
D-Link DSR-150N versions prior to 1.05B64
D-Link DSR-250 versions prior to 1.08B44
D-Link DSR-250N versions prior to 1.08B44
D-Link DSR-500 versions prior to 1.08B77
D-Link DSR-500N versions prior to 1.08B77
D-Link DSR-1000 versions prior to 1.08B77
D-Link DSR-1000N versions prior to 1.08B77

Description

The affected firmware contains a hardcoded account with administrative privileges, with the username gkJ9232xXyruTRmY. This makes it easier for remote attackers to gain access by leveraging their knowledge of the username.

Recommendations

For D-Link DSR-150 versions prior to 1.08B44, update the firmware to version 1.08B44 or later.
For D-Link DSR-150N versions prior to 1.05B64, update the firmware to version 1.05B64 or later.
For D-Link DSR-250 versions prior to 1.08B44, update the firmware to version 1.08B44 or later.
For D-Link DSR-250N versions prior to 1.08B44, update the firmware to version 1.08B44 or later.
For D-Link DSR-500 versions prior to 1.08B77, update the firmware to version 1.08B77 or later.
For D-Link DSR-500N versions prior to 1.08B77, update the firmware to version 1.08B77 or later.
For D-Link DSR-1000 versions prior to 1.08B77, update the firmware to version 1.08B77 or later.
For D-Link DSR-1000N versions prior to 1.08B77, update the firmware to version 1.08B77 or later.

Related Identifiers

BDU:2015-10245
CVE-2013-7004

Affected Products

Dsr-1000
Dsr-1000N
Dsr-150
Dsr-250
Dsr-250N
Dsr-500
Dsr-500N