Hardcoded WPS PIN Vulnerability in D-Link DWR-932B Router
CVE-2016-10179

7.5HIGH

Key Information:

Vendor: D-Link
Status: Dwr-932b Firmware
Vendor: CVE Published:; 30 January 2017

Summary

The D-Link DWR-932B router has a vulnerability that stems from a hardcoded Wi-Fi Protected Setup (WPS) PIN, specifically set to 28296607. This design flaw allows unauthorized users to easily gain access to the router network, possibly compromising the security and privacy of connected devices. Proper security measures and updates are essential for users to protect their networks from potential exploitation.

References

https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932...

x_refsource_MISC

http://www.securityfocus.com/bid/95877

vdb-entryx_refsource_BID

EPSS Score

11% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 30, 2017
Vulnerability Reserved
Jan 29, 2017