Description
D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 stores account passwords in cleartext, which allows local users to obtain sensitive information by reading the Users[#]["Password"] fields in /tmp/teamf1.cfg.ascii.
Published: 2013-12-19
Score: 4.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2013-6806 D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 stores account passwords in cleartext, which allows local users to obtain sensitive information by reading the Users[#]["Password"] fields in /tmp/teamf1.cfg.ascii.
References
Link Providers
http://www.exploit-db.com/exploits/30061 cve-icon cve-icon
History

No history.

Subscriptions

Dlink Dsr-1000 Dsr-1000 Firmware Dsr-1000n Dsr-1000n Firmware Dsr-150 Dsr-150 Firmware Dsr-150n Dsr-150n Firmware Dsr-250 Dsr-250 Firmware Dsr-250n Dsr-250n Firmware Dsr-500 Dsr-500 Firmware Dsr-500n Dsr-500n Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-06T17:53:46.062Z

Reserved: 2013-12-07T00:00:00.000Z

Link: CVE-2013-7005

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-12-19T04:24:57.493

Modified: 2026-04-29T01:13:23.040

Link: CVE-2013-7005

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses