Search
Find a vulnerability
Search criteria
3 vulnerabilities by ampedwireless
VAR-201512-0088
Vulnerability from variot - Updated: 2025-04-13 23:03Cross-site request forgery (CSRF) vulnerability on Amped Wireless R10000 devices with firmware 2.5.2.11 allows remote attackers to hijack the authentication of arbitrary users. AmpedWirelessR10000deviceswithfirmware is the R10000 series router from AmpedWireless. A cross-site request forgery vulnerability exists in AmpedWirelessR10000deviceswithfirmware2.5.2.11. An attacker can exploit these issues to bypass certain security restrictions, allowing attackers to perform certain unauthorized actions or by tricking a victim into following a specially crafted HTTP request designed to perform some action on the attacker's behalf using a victim's currently active session. A remote attacker could exploit this vulnerability to perform unauthorized operations
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0088",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r10000",
"scope": "eq",
"trust": 1.6,
"vendor": "ampedwireless",
"version": "2.5.2.11"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amped",
"version": null
},
{
"model": "wireless r10000",
"scope": null,
"trust": 0.8,
"vendor": "amped",
"version": null
},
{
"model": "wireless r10000",
"scope": "eq",
"trust": 0.8,
"vendor": "amped",
"version": "2.5.2.11"
},
{
"model": "wireless r10000 devices with",
"scope": "eq",
"trust": 0.6,
"vendor": "amped",
"version": "2.5.2.11"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00145"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006585"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-317"
},
{
"db": "NVD",
"id": "CVE-2015-7278"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:ampedwireless:r10000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ampedwireless:r10000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006585"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joel Land of the CERT/CC",
"sources": [
{
"db": "BID",
"id": "78818"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-317"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7278",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7278",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-00145",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85239",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2015-7278",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7278",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-7278",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-00145",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-317",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85239",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00145"
},
{
"db": "VULHUB",
"id": "VHN-85239"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006585"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-317"
},
{
"db": "NVD",
"id": "CVE-2015-7278"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site request forgery (CSRF) vulnerability on Amped Wireless R10000 devices with firmware 2.5.2.11 allows remote attackers to hijack the authentication of arbitrary users. AmpedWirelessR10000deviceswithfirmware is the R10000 series router from AmpedWireless. A cross-site request forgery vulnerability exists in AmpedWirelessR10000deviceswithfirmware2.5.2.11. \nAn attacker can exploit these issues to bypass certain security restrictions, allowing attackers to perform certain unauthorized actions or by tricking a victim into following a specially crafted HTTP request designed to perform some action on the attacker\u0027s behalf using a victim\u0027s currently active session. A remote attacker could exploit this vulnerability to perform unauthorized operations",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7278"
},
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006585"
},
{
"db": "CNVD",
"id": "CNVD-2016-00145"
},
{
"db": "BID",
"id": "78818"
},
{
"db": "VULHUB",
"id": "VHN-85239"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#763576",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2015-7278",
"trust": 3.4
},
{
"db": "BID",
"id": "78818",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU99863047",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006585",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-317",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-00145",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-85239",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00145"
},
{
"db": "VULHUB",
"id": "VHN-85239"
},
{
"db": "BID",
"id": "78818"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006585"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-317"
},
{
"db": "NVD",
"id": "CVE-2015-7278"
}
]
},
"id": "VAR-201512-0088",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00145"
},
{
"db": "VULHUB",
"id": "VHN-85239"
}
],
"trust": 1.575
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00145"
}
]
},
"last_update_date": "2025-04-13T23:03:36.695000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "High Power Wireless-N 600mW Smart Router R10000",
"trust": 0.8,
"url": "http://www.ampedwireless.com/products/r10000.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006585"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85239"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006585"
},
{
"db": "NVD",
"id": "CVE-2015-7278"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.kb.cert.org/vuls/id/763576"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/78818"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7278"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99863047/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7278"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00145"
},
{
"db": "VULHUB",
"id": "VHN-85239"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006585"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-317"
},
{
"db": "NVD",
"id": "CVE-2015-7278"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00145"
},
{
"db": "VULHUB",
"id": "VHN-85239"
},
{
"db": "BID",
"id": "78818"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006585"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-317"
},
{
"db": "NVD",
"id": "CVE-2015-7278"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#763576"
},
{
"date": "2016-01-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00145"
},
{
"date": "2015-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-85239"
},
{
"date": "2015-12-10T00:00:00",
"db": "BID",
"id": "78818"
},
{
"date": "2016-01-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006585"
},
{
"date": "2015-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-317"
},
{
"date": "2015-12-31T05:59:20.400000",
"db": "NVD",
"id": "CVE-2015-7278"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#763576"
},
{
"date": "2016-01-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00145"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-85239"
},
{
"date": "2015-12-10T00:00:00",
"db": "BID",
"id": "78818"
},
{
"date": "2016-01-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006585"
},
{
"date": "2016-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-317"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7278"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-317"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Amped Wireless R10000 router contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-317"
}
],
"trust": 0.6
}
}
VAR-201512-0087
Vulnerability from variot - Updated: 2025-04-13 23:03The web administration interface on Amped Wireless R10000 devices with firmware 2.5.2.11 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. Amped Wireless R10000 router, firmware version 2.5.2.11, uses default credentials, is vulnerable to cross-site request forgery, and uses insufficiently random values for DNS queries. AmpedWirelessR10000deviceswithfirmware is the R10000 series router from AmpedWireless. A credential management vulnerability exists in AmpedWirelessR10000deviceswithfirmware2.5.2.11. An attacker can exploit these issues to bypass certain security restrictions, allowing attackers to perform certain unauthorized actions or by tricking a victim into following a specially crafted HTTP request designed to perform some action on the attacker's behalf using a victim's currently active session. The vulnerability is due to the use of 'admin' as the password for the admin account
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0087",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r10000",
"scope": "eq",
"trust": 1.6,
"vendor": "ampedwireless",
"version": "2.5.2.11"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amped",
"version": null
},
{
"model": "wireless r10000",
"scope": null,
"trust": 0.8,
"vendor": "amped",
"version": null
},
{
"model": "wireless r10000",
"scope": "eq",
"trust": 0.8,
"vendor": "amped",
"version": "2.5.2.11"
},
{
"model": "wireless r10000 devices with",
"scope": "eq",
"trust": 0.6,
"vendor": "amped",
"version": "2.5.2.11"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00146"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006584"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-316"
},
{
"db": "NVD",
"id": "CVE-2015-7277"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:ampedwireless:r10000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ampedwireless:r10000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006584"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joel Land of the CERT/CC",
"sources": [
{
"db": "BID",
"id": "78818"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-316"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7277",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7277",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-00146",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-85238",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2015-7277",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7277",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2015-7277",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-00146",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-316",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85238",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-7277",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00146"
},
{
"db": "VULHUB",
"id": "VHN-85238"
},
{
"db": "VULMON",
"id": "CVE-2015-7277"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006584"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-316"
},
{
"db": "NVD",
"id": "CVE-2015-7277"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web administration interface on Amped Wireless R10000 devices with firmware 2.5.2.11 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. Amped Wireless R10000 router, firmware version 2.5.2.11, uses default credentials, is vulnerable to cross-site request forgery, and uses insufficiently random values for DNS queries. AmpedWirelessR10000deviceswithfirmware is the R10000 series router from AmpedWireless. A credential management vulnerability exists in AmpedWirelessR10000deviceswithfirmware2.5.2.11. \nAn attacker can exploit these issues to bypass certain security restrictions, allowing attackers to perform certain unauthorized actions or by tricking a victim into following a specially crafted HTTP request designed to perform some action on the attacker\u0027s behalf using a victim\u0027s currently active session. The vulnerability is due to the use of \u0027admin\u0027 as the password for the admin account",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7277"
},
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006584"
},
{
"db": "CNVD",
"id": "CNVD-2016-00146"
},
{
"db": "BID",
"id": "78818"
},
{
"db": "VULHUB",
"id": "VHN-85238"
},
{
"db": "VULMON",
"id": "CVE-2015-7277"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#763576",
"trust": 4.0
},
{
"db": "NVD",
"id": "CVE-2015-7277",
"trust": 3.5
},
{
"db": "BID",
"id": "78818",
"trust": 2.1
},
{
"db": "JVN",
"id": "JVNVU99863047",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006584",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-316",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-00146",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-85238",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-7277",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00146"
},
{
"db": "VULHUB",
"id": "VHN-85238"
},
{
"db": "VULMON",
"id": "CVE-2015-7277"
},
{
"db": "BID",
"id": "78818"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006584"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-316"
},
{
"db": "NVD",
"id": "CVE-2015-7277"
}
]
},
"id": "VAR-201512-0087",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00146"
},
{
"db": "VULHUB",
"id": "VHN-85238"
}
],
"trust": 1.575
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00146"
}
]
},
"last_update_date": "2025-04-13T23:03:36.655000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "High Power Wireless-N 600mW Smart Router R10000",
"trust": 0.8,
"url": "http://www.ampedwireless.com/products/r10000.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006584"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85238"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006584"
},
{
"db": "NVD",
"id": "CVE-2015-7277"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://www.kb.cert.org/vuls/id/763576"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/78818"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7277"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99863047/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7277"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/255.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00146"
},
{
"db": "VULHUB",
"id": "VHN-85238"
},
{
"db": "VULMON",
"id": "CVE-2015-7277"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006584"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-316"
},
{
"db": "NVD",
"id": "CVE-2015-7277"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00146"
},
{
"db": "VULHUB",
"id": "VHN-85238"
},
{
"db": "VULMON",
"id": "CVE-2015-7277"
},
{
"db": "BID",
"id": "78818"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006584"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-316"
},
{
"db": "NVD",
"id": "CVE-2015-7277"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#763576"
},
{
"date": "2016-01-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00146"
},
{
"date": "2015-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-85238"
},
{
"date": "2015-12-31T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7277"
},
{
"date": "2015-12-10T00:00:00",
"db": "BID",
"id": "78818"
},
{
"date": "2016-01-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006584"
},
{
"date": "2015-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-316"
},
{
"date": "2015-12-31T05:59:19.493000",
"db": "NVD",
"id": "CVE-2015-7277"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#763576"
},
{
"date": "2016-01-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00146"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-85238"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7277"
},
{
"date": "2015-12-10T00:00:00",
"db": "BID",
"id": "78818"
},
{
"date": "2016-01-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006584"
},
{
"date": "2016-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-316"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7277"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-316"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Amped Wireless R10000 router contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-316"
}
],
"trust": 0.6
}
}
VAR-201512-0089
Vulnerability from variot - Updated: 2025-04-13 23:03Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value. Supplementary information : CWE Vulnerability type by CWE-331: Insufficient Entropy ( Lack of entropy ) Has been identified. AmpedWirelessR10000deviceswithfirmware is the R10000 series router from AmpedWireless. An attacker can exploit these issues to bypass certain security restrictions, allowing attackers to perform certain unauthorized actions or by tricking a victim into following a specially crafted HTTP request designed to perform some action on the attacker's behalf using a victim's currently active session. A remote attacker can exploit this vulnerability to forge response information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0089",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r10000",
"scope": "eq",
"trust": 1.6,
"vendor": "ampedwireless",
"version": "2.5.2.11"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amped",
"version": null
},
{
"model": "wireless r10000",
"scope": null,
"trust": 0.8,
"vendor": "amped",
"version": null
},
{
"model": "wireless r10000",
"scope": "eq",
"trust": 0.8,
"vendor": "amped",
"version": "2.5.2.11"
},
{
"model": "wireless r10000 devices with",
"scope": "eq",
"trust": 0.6,
"vendor": "amped",
"version": "2.5.2.11"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00147"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006586"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-318"
},
{
"db": "NVD",
"id": "CVE-2015-7279"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:ampedwireless:r10000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ampedwireless:r10000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006586"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joel Land of the CERT/CC",
"sources": [
{
"db": "BID",
"id": "78818"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-318"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7279",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-7279",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00147",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-85240",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2015-7279",
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7279",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7279",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-00147",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-318",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85240",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00147"
},
{
"db": "VULHUB",
"id": "VHN-85240"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006586"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-318"
},
{
"db": "NVD",
"id": "CVE-2015-7279"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value. Supplementary information : CWE Vulnerability type by CWE-331: Insufficient Entropy ( Lack of entropy ) Has been identified. AmpedWirelessR10000deviceswithfirmware is the R10000 series router from AmpedWireless. \nAn attacker can exploit these issues to bypass certain security restrictions, allowing attackers to perform certain unauthorized actions or by tricking a victim into following a specially crafted HTTP request designed to perform some action on the attacker\u0027s behalf using a victim\u0027s currently active session. A remote attacker can exploit this vulnerability to forge response information",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7279"
},
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006586"
},
{
"db": "CNVD",
"id": "CNVD-2016-00147"
},
{
"db": "BID",
"id": "78818"
},
{
"db": "VULHUB",
"id": "VHN-85240"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#763576",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2015-7279",
"trust": 3.4
},
{
"db": "BID",
"id": "78818",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU99863047",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006586",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-318",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-00147",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-85240",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00147"
},
{
"db": "VULHUB",
"id": "VHN-85240"
},
{
"db": "BID",
"id": "78818"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006586"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-318"
},
{
"db": "NVD",
"id": "CVE-2015-7279"
}
]
},
"id": "VAR-201512-0089",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00147"
},
{
"db": "VULHUB",
"id": "VHN-85240"
}
],
"trust": 1.575
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00147"
}
]
},
"last_update_date": "2025-04-13T23:03:36.618000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "High Power Wireless-N 600mW Smart Router R10000",
"trust": 0.8,
"url": "http://www.ampedwireless.com/products/r10000.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006586"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006586"
},
{
"db": "NVD",
"id": "CVE-2015-7279"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.kb.cert.org/vuls/id/763576"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/78818"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7279"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99863047/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7279"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00147"
},
{
"db": "VULHUB",
"id": "VHN-85240"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006586"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-318"
},
{
"db": "NVD",
"id": "CVE-2015-7279"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#763576"
},
{
"db": "CNVD",
"id": "CNVD-2016-00147"
},
{
"db": "VULHUB",
"id": "VHN-85240"
},
{
"db": "BID",
"id": "78818"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006586"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-318"
},
{
"db": "NVD",
"id": "CVE-2015-7279"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#763576"
},
{
"date": "2016-01-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00147"
},
{
"date": "2015-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-85240"
},
{
"date": "2015-12-10T00:00:00",
"db": "BID",
"id": "78818"
},
{
"date": "2016-01-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006586"
},
{
"date": "2015-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-318"
},
{
"date": "2015-12-31T05:59:21.337000",
"db": "NVD",
"id": "CVE-2015-7279"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#763576"
},
{
"date": "2016-01-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00147"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-85240"
},
{
"date": "2015-12-10T00:00:00",
"db": "BID",
"id": "78818"
},
{
"date": "2016-01-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006586"
},
{
"date": "2016-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-318"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7279"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-318"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Amped Wireless R10000 router contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#763576"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-318"
}
],
"trust": 0.6
}
}