Persistent Root Access Vulnerability in D-Link DSR-250N Devices
CVE-2012-6613

7.2HIGH

Key Information:

Vendor: D-Link
Status: Dsr-250n Firmware
Vendor: CVE Published:; 25 January 2020

What is CVE-2012-6613?

The D-Link DSR-250N devices with firmware version 1.05B73_WW exhibit a vulnerability that allows persistent root access. This flaw arises from inadequate protection of the admin password, enabling malicious actors to gain unauthorized access to the admin account. Users of affected DSR-250N devices should implement immediate measures to secure their systems and consider upgrading to the latest firmware version to mitigate potential security risks. For further information and potential fixes, refer to relevant resources highlighting vulnerabilities in network devices.

References

http://www.exploit-db.com/exploits/22930/

exploitx_refsource_EXPLOIT-DB

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 25, 2020
Vulnerability Reserved
Dec 8, 2013