CVE-2016-1559

Published on: 04/21/2017 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:04 PM UTC

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of DAP-1353 H/W B1 from D-Link contain the following vulnerability:

D-Link DAP-1353 H/W vers. B1 3.15 and earlier, D-Link DAP-2553 H/W ver. A1 1.31 and earlier, and D-Link DAP-3520 H/W ver. A1 1.16 and earlier reveal wireless passwords and administrative usernames and passwords over SNMP.

  • CVE-2016-1559 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 8.1 - HIGH

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS2 Score: 2.6 - LOW

Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

CVE References

  • Full Disclosure: D-Link, Netgear Router Vulnerabiltiies
    Tags: Mailing List, Third Party Advisory
    Link: seclists.org (FULLDISC 20160225 D-Link, Netgear Router Vulnerabiltiies)
  • FIRMADYNE CVE-2016-1558 & CVE-2016-1559 | D-Link Patch
    Tags: Vendor Advisory
    Link: CONFIRM www.dlink.com/mk/mk/support/support-news/2016/march/16/firmadyne-cve_2016_1558-cve_2016_1559 (web.archive.org; inactive link, not archived)
  • D-Link / Netgear FIRMADYNE Command Injection / Buffer Overflow ≈ Packet Storm
    Tags: Broken Link, Third Party Advisory, VDB Entry
    Link: MISC packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html

Known Affected Configurations (CPE V2.3)

Type | Vendor | Product | Version | Update | Edition | Language
Hardware | D-link | Dap-1353 H/w B1 | - | All | All | All
Operating System | D-link | Dap-1353 H/w B1 Firmware | 3.15 | All | All | All
Hardware | D-link | Dap-2553 H/w A1 | - | All | All | All
Operating System | D-link | Dap-2553 H/w A1 Firmware | 1.31 | All | All | All
Hardware | D-link | Dap-3520 H/w A1 | - | All | All | All
Operating System | D-link | Dap-3520 H/w A1 Firmware | 1.16 | All | All | All
  • cpe:2.3:h:d-link:dap-1353_h\/w_b1:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:d-link:dap-1353_h\/w_b1_firmware:3.15:*:*:*:*:*:*:*:
  • cpe:2.3:h:d-link:dap-2553_h\/w_a1:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:d-link:dap-2553_h\/w_a1_firmware:1.31:*:*:*:*:*:*:*:
  • cpe:2.3:h:d-link:dap-3520_h\/w_a1:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:d-link:dap-3520_h\/w_a1_firmware:1.16:*:*:*:*:*:*:*: