D-Link DSL Broadband Modem SNMP Cleartext ISP Credential Disclosure

Critical Nessus Plugin ID 11490


The remote host has a well known default username and password.


This script uses SNMP to obtain the account and password of the remote ADSL connection. D-Link DSL Broadband routers uses a default community string and stores the ISP credentials in cleartext.


Filter access to SNMP on this device.

See Also


Plugin Details

Severity: Critical

ID: 11490

File Name: snmp_dlink_user_pass_disclosure.nasl

Version: $Revision: 1.22 $

Type: remote

Family: SNMP

Published: 2003/03/27

Modified: 2016/12/14

Dependencies: 10264

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:W/RC:ND

Vulnerability Information

Required KB Items: SNMP/community

Exploit Available: true

Exploit Ease: No exploit is required

Exploited by Nessus: true

Reference Information

BID: 7212

OSVDB: 58147, 58148