PT-2015-7103 · Mediabridge+1 · Mediabridge Medialink Mwn-Wapr300N+1
Joel Land
+1
·
Published
2015-12-31
·
Updated
2015-12-31
·
CVE-2015-5995
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Mediabridge Medialink MWN-WAPR300N version 5.07.50
Tenda N3 Wireless N150 (affected versions not specified)
Description
The issue allows remote attackers to gain administrative access by using a certain admin substring in an HTTP Cookie header.
Recommendations
For Mediabridge Medialink MWN-WAPR300N version 5.07.50, consider restricting access to the administrative interface until a fix is available.
For Tenda N3 Wireless N150, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mediabridge Medialink Mwn-Wapr300N
Tenda N3 Wireless N150