Directory Traversal Vulnerability in D-Link DWR-932B Router
CVE-2016-10183

7.5HIGH

Key Information:

Vendor: D-Link
Status: Dwr-932b Firmware
Vendor: CVE Published:; 30 January 2017

Summary

A directory traversal vulnerability has been identified in the D-Link DWR-932B router, which affects how the router's qmiweb service operates. This flaw enables unauthorized directory listing and potential access to sensitive files on the device using directory traversal techniques. Users should take immediate steps to mitigate this issue by applying available patches and reviewing their network security configurations.

References

https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932...

x_refsource_MISC

http://www.securityfocus.com/bid/95877

vdb-entryx_refsource_BID

EPSS Score

28% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 30, 2017
Vulnerability Reserved
Jan 29, 2017