1. Home
  2. CVE Database
  3. CVE-2015-5536
HIGH · 9.0

CVE-2015-5536

Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinCo...

Vulnerability Description

Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinCode parameter in a (2) formWpsStart or (3) formiNICWpsStart request; (4) wps_enrolee_pin parameter in a formWlanSetupWPS request; or unspecified parameters in a (5) formWlanMP, (6) formBSSetSitesurvey, (7) formHwSet, or (8) formConnectionSetting request.

CVSS Score

9.0

HIGH

AV:N/AC:L/Au:S/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
BelkinN300 Dual-Band Wi-Fi Range Extender Firmware1.0.0
BelkinN300 Dual-Band Wi-Fi Range ExtenderAll versions

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2015-5536?

CVE-2015-5536 is a vulnerability with a CVSS score of 9.0 (HIGH). Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinCo...

How severe is CVE-2015-5536?

CVE-2015-5536 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-5536?

Check the references section above for vendor advisories and patch information. Affected products include: Belkin N300 Dual-Band Wi-Fi Range Extender Firmware, Belkin N300 Dual-Band Wi-Fi Range Extender.