Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to D-Link - DIR-816

cve-2025-1392

Vulnerability from cvelistv5

Published

2025-02-17 15:31

Modified

2025-02-18 15:43

Severity ?

5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
3.5 (Low) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Summary

A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

References

▼	URL	Tags
	https://vuldb.com/?id.296023	vdb-entry, technical-description
	https://vuldb.com/?ctiid.296023	signature, permissions-required
	https://vuldb.com/?submit.501351	third-party-advisory
	https://www.dlink.com/	product

Impacted products

	Vendor	Product	Version
	D-Link	DIR-816	Version: 1.01TO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1392",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-18T15:42:52.546218Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-18T15:43:27.491Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DIR-816",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "1.01TO"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Fergod (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/webproc?getpage=html/index.html\u0026var:menu=24gwlan\u0026var:page=24G_basic. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
        },
        {
          "lang": "de",
          "value": "In D-Link DIR-816 1.01TO wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /cgi-bin/webproc?getpage=html/index.html\u0026var:menu=24gwlan\u0026var:page=24G_basic. Mit der Manipulation des Arguments SSID mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Cross Site Scripting",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Code Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-17T15:31:04.473Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-296023 | D-Link DIR-816 index.html cross site scripting",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.296023"
        },
        {
          "name": "VDB-296023 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.296023"
        },
        {
          "name": "Submit #501351 | D-Link DIR-816 1.01TO Cross Site Scripting",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.501351"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.dlink.com/"
        }
      ],
      "tags": [
        "unsupported-when-assigned"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-02-17T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-02-17T11:15:53.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "D-Link DIR-816 index.html cross site scripting"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-1392",
    "datePublished": "2025-02-17T15:31:04.473Z",
    "dateReserved": "2025-02-17T10:10:47.265Z",
    "dateUpdated": "2025-02-18T15:43:27.491Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-0717

Vulnerability from cvelistv5

Published

2024-01-19 15:31

Modified

2024-08-01 18:11

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 up to 20240112. This vulnerability affects unknown code of the file /devinfo of the component HTTP GET Request Handler. The manipulation of the argument area with the input notice|net|version leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251542 is the identifier assigned to this vulnerability.

References

▼	URL	Tags
	https://vuldb.com/?id.251542	vdb-entry, technical-description
	https://vuldb.com/?ctiid.251542	signature, permissions-required
	https://github.com/999zzzzz/D-Link	exploit

Impacted products

Vendor

Product

Version

▼

D-Link

DAP-1360

Version: 20240112

D-Link	DIR-300	Version: 20240112
D-Link	DIR-615	Version: 20240112
D-Link	DIR-615GF	Version: 20240112
D-Link	DIR-615S	Version: 20240112
D-Link	DIR-615T	Version: 20240112
D-Link	DIR-620	Version: 20240112
D-Link	DIR-620S	Version: 20240112
D-Link	DIR-806A	Version: 20240112
D-Link	DIR-815	Version: 20240112
D-Link	DIR-815AC	Version: 20240112
D-Link	DIR-815S	Version: 20240112
D-Link	DIR-816	Version: 20240112
D-Link	DIR-820	Version: 20240112
D-Link	DIR-822	Version: 20240112
D-Link	DIR-825	Version: 20240112
D-Link	DIR-825AC	Version: 20240112
D-Link	DIR-825ACF	Version: 20240112
D-Link	DIR-825ACG1	Version: 20240112
D-Link	DIR-841	Version: 20240112
D-Link	DIR-842	Version: 20240112
D-Link	DIR-842S	Version: 20240112
D-Link	DIR-843	Version: 20240112
D-Link	DIR-853	Version: 20240112
D-Link	DIR-878	Version: 20240112
D-Link	DIR-882	Version: 20240112
D-Link	DIR-1210	Version: 20240112
D-Link	DIR-1260	Version: 20240112
D-Link	DIR-2150	Version: 20240112
D-Link	DIR-X1530	Version: 20240112
D-Link	DIR-X1860	Version: 20240112
D-Link	DSL-224	Version: 20240112
D-Link	DSL-245GR	Version: 20240112
D-Link	DSL-2640U	Version: 20240112
D-Link	DSL-2750U	Version: 20240112
D-Link	DSL-G2452GR	Version: 20240112
D-Link	DVG-5402G	Version: 20240112
D-Link	DVG-5402G	Version: 20240112
D-Link	DVG-5402GFRU	Version: 20240112
D-Link	DVG-N5402G	Version: 20240112
D-Link	DVG-N5402G-IL	Version: 20240112
D-Link	DWM-312W	Version: 20240112
D-Link	DWM-321	Version: 20240112
D-Link	DWR-921	Version: 20240112
D-Link	DWR-953	Version: 20240112
D-Link	Good Line Router v2	Version: 20240112

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:11:35.784Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "technical-description",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.251542"
          },
          {
            "tags": [
              "signature",
              "permissions-required",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?ctiid.251542"
          },
          {
            "tags": [
              "exploit",
              "x_transferred"
            ],
            "url": "https://github.com/999zzzzz/D-Link"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DAP-1360",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-300",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-615",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-615GF",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-615S",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-615T",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-620",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-620S",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-806A",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-815",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-815AC",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-815S",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-816",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-820",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-822",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-825",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-825AC",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-825ACF",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-825ACG1",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-841",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-842",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-842S",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-843",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-853",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-878",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-882",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-1210",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-1260",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-2150",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-X1530",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DIR-X1860",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DSL-224",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DSL-245GR",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DSL-2640U",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DSL-2750U",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DSL-G2452GR",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DVG-5402G",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DVG-5402G",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DVG-5402GFRU",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DVG-N5402G",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DVG-N5402G-IL",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DWM-312W",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DWM-321",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DWR-921",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "DWR-953",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        },
        {
          "modules": [
            "HTTP GET Request Handler"
          ],
          "product": "Good Line Router v2",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240112"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "99iz (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 up to 20240112. This vulnerability affects unknown code of the file /devinfo of the component HTTP GET Request Handler. The manipulation of the argument area with the input notice|net|version leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251542 is the identifier assigned to this vulnerability."
        },
        {
          "lang": "de",
          "value": "In D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 bis 20240112 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /devinfo der Komponente HTTP GET Request Handler. Mittels dem Manipulieren des Arguments area mit der Eingabe notice|net|version mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Information Disclosure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-19T15:31:04.290Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.251542"
        },
        {
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.251542"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/999zzzzz/D-Link"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-01-19T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-01-19T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-01-19T08:26:48.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "D-Link Good Line Router v2 HTTP GET Request devinfo information disclosure"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-0717",
    "datePublished": "2024-01-19T15:31:04.290Z",
    "dateReserved": "2024-01-19T07:21:32.386Z",
    "dateUpdated": "2024-08-01T18:11:35.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}