CVE-2016-10125
First published: Mon Jan 09 2017(Updated: )
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dlink Dgs-1100 Firmware | =1.01.018 | |
| Dlink Dgs-1100-05 | ||
| Dlink Dgs-1100-05pd | ||
| Dlink Dgs-1100-08 | ||
| Dlink Dgs-1100-08p | ||
| Dlink Dgs-1100-10mp | ||
| Dlink Dgs-1100-10mpp | ||
| Dlink Dgs-1100-16 | ||
| Dlink Dgs-1100-18 | ||
| Dlink Dgs-1100-24 | ||
| Dlink Dgs-1100-24p | ||
| Dlink Dgs-1100-26 | ||
| Dlink Dgs-1100-26mp |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/dlink
- canonical/dlink dgs-1100 firmware
- version/dlink dgs-1100 firmware/1.01.018
- canonical/dlink dgs-1100-05
- canonical/dlink dgs-1100-05pd
- canonical/dlink dgs-1100-08
- canonical/dlink dgs-1100-08p
- canonical/dlink dgs-1100-10mp
- canonical/dlink dgs-1100-10mpp
- canonical/dlink dgs-1100-16
- canonical/dlink dgs-1100-18
- canonical/dlink dgs-1100-24
- canonical/dlink dgs-1100-24p
- canonical/dlink dgs-1100-26
- canonical/dlink dgs-1100-26mp