Vulnerabilites related to dlink - dir-880l_firmware
cve-2019-20213
Vulnerability from cvelistv5
Published
2020-01-02 01:03
Modified
2024-08-05 02:39
Severity ?
EPSS score ?
Summary
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:39:09.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-02T01:03:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f",
"refsource": "MISC",
"url": "https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f"
},
{
"name": "https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03",
"refsource": "MISC",
"url": "https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03"
},
{
"name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147",
"refsource": "MISC",
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147"
},
{
"name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146",
"refsource": "MISC",
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20213",
"datePublished": "2020-01-02T01:03:16",
"dateReserved": "2020-01-02T00:00:00",
"dateUpdated": "2024-08-05T02:39:09.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-17621
Vulnerability from cvelistv5
Published
2019-12-30 16:09
Modified
2025-02-04 20:34
Severity ?
EPSS score ?
Summary
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:13.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dlink.com/en/security-bulletin"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-17621",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T20:33:59.746115Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-06-29",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2019-17621"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T20:34:06.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-22T18:06:22.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dlink.com/en/security-bulletin"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17621",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf",
"refsource": "MISC",
"url": "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf"
},
{
"name": "https://www.dlink.com/en/security-bulletin",
"refsource": "MISC",
"url": "https://www.dlink.com/en/security-bulletin"
},
{
"name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147",
"refsource": "CONFIRM",
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147"
},
{
"name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146",
"refsource": "CONFIRM",
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146"
},
{
"name": "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104",
"refsource": "MISC",
"url": "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104"
},
{
"name": "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9",
"refsource": "MISC",
"url": "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9"
},
{
"name": "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17621",
"datePublished": "2019-12-30T16:09:17.000Z",
"dateReserved": "2019-10-16T00:00:00.000Z",
"dateUpdated": "2025-02-04T20:34:06.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-20674
Vulnerability from cvelistv5
Published
2019-01-09 00:00
Modified
2024-09-16 20:32
Severity ?
EPSS score ?
Summary
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authenticated remote command execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:05:17.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authenticated remote command execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T00:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20674",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authenticated remote command execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101",
"refsource": "MISC",
"url": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20674",
"datePublished": "2019-01-09T00:00:00Z",
"dateReserved": "2019-01-08T00:00:00Z",
"dateUpdated": "2024-09-16T20:32:52.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-14948
Vulnerability from cvelistv5
Published
2019-10-14 17:03
Modified
2024-08-05 19:42
Severity ?
EPSS score ?
Summary
Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with ''boundary=' followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/badnack/d_link_880_bug/blob/master/README.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:42:22.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/badnack/d_link_880_bug/blob/master/README.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with \u0027\u0027boundary=\u0027 followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-14T17:03:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/badnack/d_link_880_bug/blob/master/README.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with \u0027\u0027boundary=\u0027 followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/badnack/d_link_880_bug/blob/master/README.md",
"refsource": "MISC",
"url": "https://github.com/badnack/d_link_880_bug/blob/master/README.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14948",
"datePublished": "2019-10-14T17:03:25",
"dateReserved": "2017-09-29T00:00:00",
"dateUpdated": "2024-08-05T19:42:22.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-29322
Vulnerability from cvelistv5
Published
2021-06-04 19:39
Modified
2024-08-04 16:48
Severity ?
EPSS score ?
Summary
The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | D-Link Router DIR-880L |
Version: 1.07 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:48:01.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "D-Link Router DIR-880L",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.07"
}
]
}
],
"datePublic": "2020-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Hardcoded Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-04T19:39:00",
"orgId": "ee1bbb37-1770-46bd-bba8-910037954ee0",
"shortName": "CSW"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "disclose@cybersecurityworks.com",
"ID": "CVE-2020-29322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "D-Link Router DIR-880L",
"version": {
"version_data": [
{
"version_value": "1.07"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Hardcoded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html",
"refsource": "MISC",
"url": "https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ee1bbb37-1770-46bd-bba8-910037954ee0",
"assignerShortName": "CSW",
"cveId": "CVE-2020-29322",
"datePublished": "2021-06-04T19:39:00",
"dateReserved": "2020-11-27T00:00:00",
"dateUpdated": "2024-08-04T16:48:01.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-20675
Vulnerability from cvelistv5
Published
2019-01-09 00:00
Modified
2024-09-17 01:21
Severity ?
EPSS score ?
Summary
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass.
References
| ▼ | URL | Tags |
|---|---|---|
| https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:05:17.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T00:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101",
"refsource": "MISC",
"url": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20675",
"datePublished": "2019-01-09T00:00:00Z",
"dateReserved": "2019-01-08T00:00:00Z",
"dateUpdated": "2024-09-17T01:21:23.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-6530
Vulnerability from cvelistv5
Published
2018-03-06 20:00
Modified
2025-02-04 20:36
Severity ?
EPSS score ?
Summary
OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:10.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-6530",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T20:36:36.248676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-09-08",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-6530"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T20:36:49.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-06T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6530",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf",
"refsource": "CONFIRM",
"url": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf"
},
{
"name": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf",
"refsource": "CONFIRM",
"url": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf"
},
{
"name": "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto",
"refsource": "MISC",
"url": "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto"
},
{
"name": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf",
"refsource": "CONFIRM",
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf"
},
{
"name": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf",
"refsource": "CONFIRM",
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-6530",
"datePublished": "2018-03-06T20:00:00.000Z",
"dateReserved": "2018-02-02T00:00:00.000Z",
"dateUpdated": "2025-02-04T20:36:49.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6563
Vulnerability from cvelistv5
Published
2018-07-13 20:00
Modified
2024-08-06 01:36
Severity ?
EPSS score ?
Summary
Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.exploit-db.com/exploits/40805/ | exploit, x_refsource_EXPLOIT-DB | |
| https://www.kb.cert.org/vuls/id/677427 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/94130 | vdb-entry, x_refsource_BID | |
| http://seclists.org/fulldisclosure/2016/Nov/38 | mailing-list, x_refsource_FULLDISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:28.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40805",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40805/"
},
{
"name": "VU#677427",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/677427"
},
{
"name": "94130",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94130"
},
{
"name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/38"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DIR-823",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-822",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-818L(W)",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-895L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-890L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-885L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-880L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-868L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-850L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
}
],
"datePublic": "2016-11-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "40805",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40805/"
},
{
"name": "VU#677427",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/677427"
},
{
"name": "94130",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94130"
},
{
"name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/38"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-6563",
"STATE": "PUBLIC",
"TITLE": "D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DIR-823",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-822",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-818L(W)",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-895L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-890L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-885L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-880L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-868L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-850L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
}
]
},
"vendor_name": "D-Link"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40805",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40805/"
},
{
"name": "VU#677427",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/677427"
},
{
"name": "94130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94130"
},
{
"name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Nov/38"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-6563",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2016-08-03T00:00:00",
"dateUpdated": "2024-08-06T01:36:28.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-07-13 20:29
Modified
2024-11-21 02:56
Severity ?
Summary
Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | http://seclists.org/fulldisclosure/2016/Nov/38 | Exploit, Mailing List, Third Party Advisory | |
| cret@cert.org | http://www.securityfocus.com/bid/94130 | Third Party Advisory, VDB Entry | |
| cret@cert.org | https://www.exploit-db.com/exploits/40805/ | Exploit, Third Party Advisory, VDB Entry | |
| cret@cert.org | https://www.kb.cert.org/vuls/id/677427 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2016/Nov/38 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94130 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/40805/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/677427 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-823_firmware | - | |
| dlink | dir-823 | - | |
| dlink | dir-822_firmware | - | |
| dlink | dir-822 | - | |
| dlink | dir-818l\(w\)_firmware | - | |
| dlink | dir-818l\(w\) | - | |
| dlink | dir-895l_firmware | - | |
| dlink | dir-895l | - | |
| dlink | dir-890l_firmware | - | |
| dlink | dir-890l | - | |
| dlink | dir-885l_firmware | - | |
| dlink | dir-885l | - | |
| dlink | dir-880l_firmware | - | |
| dlink | dir-880l | - | |
| dlink | dir-868l_firmware | - | |
| dlink | dir-868l | - | |
| dlink | dir-850l_firmware | - | |
| dlink | dir-850l | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-823_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC02FC3-0BB2-41B4-9EDD-65AC1CE9AB5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-823:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC426833-BEA7-4029-BBBB-94688EE801BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-822_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F0B001-DEDD-4B68-A63D-F68A8BAF9C1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3894F0E-37F8-4A89-87AC-1DB524D4AE04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-818l\\(w\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4312D87E-181E-423A-90A1-C6F16AD58458",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-818l\\(w\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A208284-D9A8-4B97-A975-E7AF0D7110A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-895l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E62F905-D226-463C-8BA9-201E8B0165FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-895l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9EBC5D-43DE-4B26-8272-5A9AD2ECE2E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-890l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCCA2BB-4577-402C-88B5-F8E10770CA35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-890l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EA89C7-4655-43A3-9D2B-D57640D56C09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-885l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3441E49F-C21B-4B68-89AD-BD46E8D88638",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-885l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD481B64-A25D-4123-B575-20EC3C524D9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-880l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52A89607-6CBB-4197-AF08-8A52FA73F703",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC772491-6371-4712-B358-E74D9C5062FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26512943-D705-484D-B9EA-BF401606DFA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B501D4-BDDD-485E-A5A3-8AA8D5E46061",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E72B76AE-8D5C-4FAD-A7FC-303CB0670C98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-850l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "607DDB44-0E4E-4606-8909-B624345688D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L."
},
{
"lang": "es",
"value": "El procesamiento de mensajes SOAP mal formados al realizar la acci\u00f3n de inicio de sesi\u00f3n HNAP provoca un desbordamiento de b\u00fafer en la pila en algunos routers D-Link DIR. Los campos XML vulnerables en el cuerpo SOAP son: Action, Username, LoginPassword y Captcha. Los siguientes productos se han visto afectados: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L y DIR-850L."
}
],
"id": "CVE-2016-6563",
"lastModified": "2024-11-21T02:56:21.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-13T20:29:01.003",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/38"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94130"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40805/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/677427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40805/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/677427"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-30 17:15
Modified
2025-02-04 21:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-859_firmware | * | |
| dlink | dir-859_firmware | 1.06b01 | |
| dlink | dir-859 | - | |
| dlink | dir-822_firmware | * | |
| dlink | dir-822 | - | |
| dlink | dir-822_firmware | * | |
| dlink | dir-822 | - | |
| dlink | dir-823_firmware | * | |
| dlink | dir-823_firmware | 1.00b06 | |
| dlink | dir-823 | - | |
| dlink | dir-865l_firmware | * | |
| dlink | dir-865l | - | |
| dlink | dir-868l_firmware | * | |
| dlink | dir-868l | - | |
| dlink | dir-868l_firmware | * | |
| dlink | dir-868l | - | |
| dlink | dir-869_firmware | * | |
| dlink | dir-869_firmware | 1.03b02 | |
| dlink | dir-869 | - | |
| dlink | dir-880l_firmware | * | |
| dlink | dir-880l | - | |
| dlink | dir-890l_firmware | * | |
| dlink | dir-890l_firmware | 1.11b01 | |
| dlink | dir-890l | - | |
| dlink | dir-890r_firmware | * | |
| dlink | dir-890r_firmware | 1.11b01 | |
| dlink | dir-890r | - | |
| dlink | dir-885l_firmware | * | |
| dlink | dir-885l | - | |
| dlink | dir-885r_firmware | * | |
| dlink | dir-885r | - | |
| dlink | dir-895l_firmware | * | |
| dlink | dir-895l | - | |
| dlink | dir-895r_firmware | * | |
| dlink | dir-895r | - | |
| dlink | dir-818lx_firmware | - | |
| dlink | dir-818lx | - |
{
"cisaActionDue": "2023-07-20",
"cisaExploitAdd": "2023-06-29",
"cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.",
"cisaVulnerabilityName": "D-Link DIR-859 Router Command Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-859_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2ABCF49-625F-4267-8B6D-14081B31E8B0",
"versionEndIncluding": "1.05b03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dir-859_firmware:1.06b01:beta1:*:*:*:*:*:*",
"matchCriteriaId": "BB555A1A-6B26-483E-ABFC-B64B928E7CC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-859:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1DEEF5B-D8E9-45F3-8A89-52CE8402E6F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8E6CDA-679A-4A31-8D8D-BD283C5E1E3E",
"versionEndIncluding": "2.03b01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3894F0E-37F8-4A89-87AC-1DB524D4AE04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46B25758-8EC2-4598-A834-9D513B030629",
"versionEndIncluding": "3.12b04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3894F0E-37F8-4A89-87AC-1DB524D4AE04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-823_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99D9046B-206E-4267-98BA-BF572682F134",
"versionEndIncluding": "1.00b06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dir-823_firmware:1.00b06:beta:*:*:*:*:*:*",
"matchCriteriaId": "5A56D2BD-5160-46FE-8AC7-CB4CA50E4D5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-823:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC426833-BEA7-4029-BBBB-94688EE801BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4406996E-761D-4EDC-9877-17B7472C1422",
"versionEndIncluding": "1.07b01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A853DF-6DF1-4E8E-8D55-95279EE0CB30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D90548-24FD-416F-9159-6F7AB318C923",
"versionEndIncluding": "1.12b04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B501D4-BDDD-485E-A5A3-8AA8D5E46061",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0CA3A5-CF3D-4D1B-BB07-EE0D91901BC9",
"versionEndIncluding": "2.05b02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B501D4-BDDD-485E-A5A3-8AA8D5E46061",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-869_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "499E8ADA-B4ED-42B2-B237-716A77BD546A",
"versionEndIncluding": "1.03b02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dir-869_firmware:1.03b02:beta02:*:*:*:*:*:*",
"matchCriteriaId": "AF693676-C580-44CF-AAC6-6E38658FEAFB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-869:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9EB6E8E-03FA-4477-B97A-0752B7C443F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-880l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7C571B-BCCB-4853-A08E-2EF9A64C94CD",
"versionEndIncluding": "1.08b04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC772491-6371-4712-B358-E74D9C5062FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-890l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50FCDBDC-32F8-42DF-BD3C-A9EFC11D036C",
"versionEndIncluding": "1.11b01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dir-890l_firmware:1.11b01:beta01:*:*:*:*:*:*",
"matchCriteriaId": "7A4A1A68-5B14-47B7-9D02-274A0E4AF2F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-890l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EA89C7-4655-43A3-9D2B-D57640D56C09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-890r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0BEAAD-6330-47FE-A8F6-665C3F346619",
"versionEndIncluding": "1.11b01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dir-890r_firmware:1.11b01:beta01:*:*:*:*:*:*",
"matchCriteriaId": "4C18C9D9-9418-441B-9367-91F86137245C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-890r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D678E889-3D74-4D16-84D0-41F547519A7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-885l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48D9C475-FB79-4D18-823C-0A3F01CB478E",
"versionEndIncluding": "1.12b05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-885l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD481B64-A25D-4123-B575-20EC3C524D9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-885r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0261FBA8-D370-4581-B4AE-E8DBF4546C50",
"versionEndIncluding": "1.12b05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-885r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E0351A1-D161-468E-A2C4-1FB92E978DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-895l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB7A220-2C3E-45B4-BA2E-D6C595B391D7",
"versionEndIncluding": "1.12b10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-895l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9EBC5D-43DE-4B26-8272-5A9AD2ECE2E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-895r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4B2469-DDAB-4FD1-A446-B304AAF78BB3",
"versionEndIncluding": "1.12b10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-895r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2DADDD-2F1C-458D-B3F5-07EE0FE35E92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-818lx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "072F053E-4DAB-4246-BEE7-F4813957BF56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-818lx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6E718C-2E2A-4E9B-A83D-25C01F681301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network."
},
{
"lang": "es",
"value": "La URL de /gena.cgi del endpoint UPnP en el router Wi-Fi D-Link DIR-859 versiones 1.05 y 1.06B01 Beta01, permite a un atacante remoto no autenticado ejecutar comandos del sistema como root, mediante el env\u00edo de una petici\u00f3n HTTP SUBSCRIBE especialmente dise\u00f1ada en el servicio UPnP cuando se conecta a la red local."
}
],
"id": "CVE-2019-17621",
"lastModified": "2025-02-04T21:15:18.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2019-12-30T17:15:19.857",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dlink.com/en/security-bulletin"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dlink.com/en/security-bulletin"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-04 20:15
Modified
2024-11-21 05:23
Severity ?
Summary
The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| disclose@cybersecurityworks.com | https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-880l_firmware | 1.07 | |
| dlink | dir-880l | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-880l_firmware:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FD495C-1D16-4A14-9517-23AA481A9A54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC772491-6371-4712-B358-E74D9C5062FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data."
},
{
"lang": "es",
"value": "El router D-Link DIR-880L versi\u00f3n 1.07, es vulnerable a una divulgaci\u00f3n de credenciales en el servicio telnet mediante la descompilaci\u00f3n del firmware, lo que permite a un atacante no autenticado conseguir acceso al firmware y extraer datos confidenciales"
}
],
"id": "CVE-2020-29322",
"lastModified": "2024-11-21T05:23:54.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-04T20:15:07.657",
"references": [
{
"source": "disclose@cybersecurityworks.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html"
}
],
"sourceIdentifier": "disclose@cybersecurityworks.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
},
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-09 00:29
Modified
2024-11-21 04:01
Severity ?
Summary
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authenticated remote command execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-822_firmware | * | |
| dlink | dir-822 | - | |
| dlink | dir-822-us_firmware | * | |
| dlink | dir-822-us | - | |
| dlink | dir-850l_firmware | * | |
| dlink | dir-850l | - | |
| dlink | dir-850l_firmware | * | |
| dlink | dir-850l_firmware | 2.22b02 | |
| dlink | dir-850l | - | |
| dlink | dir-880l_firmware | * | |
| dlink | dir-880l_firmware | 1.20b01 | |
| dlink | dir-880l | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBEAD7-2C7B-43FC-9352-B520F31035EE",
"versionEndIncluding": "3.10b06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3894F0E-37F8-4A89-87AC-1DB524D4AE04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-822-us_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "820E41C7-8D99-4B71-8C6E-9064E5173168",
"versionEndIncluding": "3.10b06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-822-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "670ED1ED-F14F-45F6-BE40-F3F1B1ED853F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E47C6FC0-783C-4D65-9F26-0E2C2E288936",
"versionEndIncluding": "1.21b07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-850l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "607DDB44-0E4E-4606-8909-B624345688D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D7484-AB7F-4276-BAEF-C0D6AC698123",
"versionEndIncluding": "2.21b01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:2.22b02:beta:*:*:*:*:*:*",
"matchCriteriaId": "92FF706E-89F6-47BA-988D-A78B7AD1FAC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-850l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "607DDB44-0E4E-4606-8909-B624345688D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-880l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF193C4-D65C-4708-83A4-7D1859B1E978",
"versionEndIncluding": "1.07.b08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dir-880l_firmware:1.20b01:beta:*:*:*:*:*:*",
"matchCriteriaId": "678EA257-C88B-4447-A318-C2F799D57A46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC772491-6371-4712-B358-E74D9C5062FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authenticated remote command execution."
},
{
"lang": "es",
"value": "Los dispositivos D-Link que utilizan determinadas versiones (las DIR-822 C1 anteriores a la v3.11B01Beta, las DIR-822-US C1 anteriores a la v3.11B01Beta, las DIR-850L A* anteriores a la v1.21B08Beta, las DIR-850L B* anteriores a la v2.22B03Beta y las DIR-880L A* anteriores a la v1.20B02Beta) permiten la ejecuci\u00f3n de comando remotos."
}
],
"id": "CVE-2018-20674",
"lastModified": "2024-11-21T04:01:58.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-09T00:29:00.210",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-09 00:29
Modified
2024-11-21 04:01
Severity ?
Summary
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-822_firmware | * | |
| dlink | dir-822 | - | |
| dlink | dir-822-us_firmware | * | |
| dlink | dir-822-us | - | |
| dlink | dir-850l_firmware | * | |
| dlink | dir-850l | - | |
| dlink | dir-850l_firmware | * | |
| dlink | dir-850l_firmware | 2.22b02 | |
| dlink | dir-850l | - | |
| dlink | dir-880l_firmware | * | |
| dlink | dir-880l_firmware | 1.20b01 | |
| dlink | dir-880l | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBEAD7-2C7B-43FC-9352-B520F31035EE",
"versionEndIncluding": "3.10b06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3894F0E-37F8-4A89-87AC-1DB524D4AE04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-822-us_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "820E41C7-8D99-4B71-8C6E-9064E5173168",
"versionEndIncluding": "3.10b06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-822-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "670ED1ED-F14F-45F6-BE40-F3F1B1ED853F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E47C6FC0-783C-4D65-9F26-0E2C2E288936",
"versionEndIncluding": "1.21b07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-850l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "607DDB44-0E4E-4606-8909-B624345688D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D7484-AB7F-4276-BAEF-C0D6AC698123",
"versionEndIncluding": "2.21b01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:2.22b02:beta:*:*:*:*:*:*",
"matchCriteriaId": "92FF706E-89F6-47BA-988D-A78B7AD1FAC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-850l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "607DDB44-0E4E-4606-8909-B624345688D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-880l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF193C4-D65C-4708-83A4-7D1859B1E978",
"versionEndIncluding": "1.07.b08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dir-880l_firmware:1.20b01:beta:*:*:*:*:*:*",
"matchCriteriaId": "678EA257-C88B-4447-A318-C2F799D57A46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC772491-6371-4712-B358-E74D9C5062FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass."
},
{
"lang": "es",
"value": "Los dispositivos D-Link que utilizan determinadas versiones (las DIR-822 C1 anteriores a la v3.11B01Beta, las DIR-822-US C1 anteriores a la v3.11B01Beta, las DIR-850L A* anteriores a la v1.21B08Beta, las DIR-850L B* anteriores a la v2.22B03Beta y las DIR-880L A* anteriores a la v1.20B02Beta) permiten la omisi\u00f3n de autenticaci\u00f3n."
}
],
"id": "CVE-2018-20675",
"lastModified": "2024-11-21T04:01:58.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-09T00:29:00.240",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-14 18:15
Modified
2024-11-21 03:13
Severity ?
Summary
Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with ''boundary=' followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/badnack/d_link_880_bug/blob/master/README.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/badnack/d_link_880_bug/blob/master/README.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-868l_firmware | - | |
| dlink | dir-868l | - | |
| dlink | dir-890l_firmware | - | |
| dlink | dir-890l | - | |
| dlink | dir-885l_firmware | - | |
| dlink | dir-885l | - | |
| dlink | dir-895l_firmware | 1.13b03 | |
| dlink | dir-895l | - | |
| dlink | dir-880l_firmware | 1.08b04 | |
| dlink | dir-880l | - | |
| dlink | dir-895r_firmware | 1.13b03 | |
| dlink | dir-895r | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26512943-D705-484D-B9EA-BF401606DFA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B501D4-BDDD-485E-A5A3-8AA8D5E46061",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-890l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCCA2BB-4577-402C-88B5-F8E10770CA35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-890l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EA89C7-4655-43A3-9D2B-D57640D56C09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-885l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3441E49F-C21B-4B68-89AD-BD46E8D88638",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-885l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD481B64-A25D-4123-B575-20EC3C524D9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-895l_firmware:1.13b03:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC402D8-0279-49B0-BB77-23B036A400C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-895l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9EBC5D-43DE-4B26-8272-5A9AD2ECE2E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-880l_firmware:1.08b04:*:*:*:*:*:*:*",
"matchCriteriaId": "75AEBC09-E4B8-46D6-BD72-5AB4522B732A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC772491-6371-4712-B358-E74D9C5062FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-895r_firmware:1.13b03:*:*:*:*:*:*:*",
"matchCriteriaId": "65C3BB4D-EEBE-4B06-9C4D-6181D66CB905",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-895r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2DADDD-2F1C-458D-B3F5-07EE0FE35E92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with \u0027\u0027boundary=\u0027 followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution."
},
{
"lang": "es",
"value": "Ciertos productos de D-Link se ven afectados por: Desbordamiento de b\u00fafer. Esto afecta a DIR-880L 1.08B04 y DIR-895 L/R 1.13b03. El impacto es: ejecutar c\u00f3digo arbitrario (remoto). El componente es: htdocs/fileaccess.cgi. El vector de ataque es: una petici\u00f3n HTTP dise\u00f1ada manejada por fileacces.cgi podr\u00eda permitir que un atacante realice un ataque ROP: si el campo de encabezado HTTP CONTENT_TYPE comienza con \u0027\u0027boundary=\u0027\u0027 seguido de m\u00e1s de 256 caracteres, se desencadenar\u00e1 un desbordamiento de b\u00fafer, potencialmente causando la ejecuci\u00f3n del c\u00f3digo."
}
],
"id": "CVE-2017-14948",
"lastModified": "2024-11-21T03:13:49.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-14T18:15:10.263",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/badnack/d_link_880_bug/blob/master/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/badnack/d_link_880_bug/blob/master/README.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-02 14:16
Modified
2024-11-21 04:38
Severity ?
Summary
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-859_firmware | * | |
| dlink | dir-859_firmware | 1.06b01 | |
| dlink | dir-859 | - | |
| dlink | dir-822_firmware | * | |
| dlink | dir-822 | - | |
| dlink | dir-822_firmware | * | |
| dlink | dir-822 | - | |
| dlink | dir-823_firmware | * | |
| dlink | dir-823 | - | |
| dlink | dir-865l_firmware | * | |
| dlink | dir-865l | - | |
| dlink | dir-868l_firmware | * | |
| dlink | dir-868l | - | |
| dlink | dir-868l_firmware | * | |
| dlink | dir-868l | - | |
| dlink | dir-869_firmware | * | |
| dlink | dir-869 | - | |
| dlink | dir-880l_firmware | * | |
| dlink | dir-880l | - | |
| dlink | dir-890l_firmware | * | |
| dlink | dir-890l | - | |
| dlink | dir-890r_firmware | * | |
| dlink | dir-890r | - | |
| dlink | dir-885l_firmware | * | |
| dlink | dir-885l | - | |
| dlink | dir-885r_firmware | * | |
| dlink | dir-885r | - | |
| dlink | dir-895l_firmware | * | |
| dlink | dir-895l | - | |
| dlink | dir-895r_firmware | * | |
| dlink | dir-895r | - | |
| dlink | dir-818lx_firmware | - | |
| dlink | dir-818lx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-859_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2ABCF49-625F-4267-8B6D-14081B31E8B0",
"versionEndIncluding": "1.05b03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dlink:dir-859_firmware:1.06b01:beta1:*:*:*:*:*:*",
"matchCriteriaId": "BB555A1A-6B26-483E-ABFC-B64B928E7CC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-859:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1DEEF5B-D8E9-45F3-8A89-52CE8402E6F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8E6CDA-679A-4A31-8D8D-BD283C5E1E3E",
"versionEndIncluding": "2.03b01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3894F0E-37F8-4A89-87AC-1DB524D4AE04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46B25758-8EC2-4598-A834-9D513B030629",
"versionEndIncluding": "3.12b04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3894F0E-37F8-4A89-87AC-1DB524D4AE04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-823_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99D9046B-206E-4267-98BA-BF572682F134",
"versionEndIncluding": "1.00b06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-823:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC426833-BEA7-4029-BBBB-94688EE801BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4406996E-761D-4EDC-9877-17B7472C1422",
"versionEndIncluding": "1.07b01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A853DF-6DF1-4E8E-8D55-95279EE0CB30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D90548-24FD-416F-9159-6F7AB318C923",
"versionEndIncluding": "1.12b04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B501D4-BDDD-485E-A5A3-8AA8D5E46061",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0CA3A5-CF3D-4D1B-BB07-EE0D91901BC9",
"versionEndIncluding": "2.05b02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B501D4-BDDD-485E-A5A3-8AA8D5E46061",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-869_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "499E8ADA-B4ED-42B2-B237-716A77BD546A",
"versionEndIncluding": "1.03b02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-869:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9EB6E8E-03FA-4477-B97A-0752B7C443F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-880l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7C571B-BCCB-4853-A08E-2EF9A64C94CD",
"versionEndIncluding": "1.08b04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC772491-6371-4712-B358-E74D9C5062FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-890l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50FCDBDC-32F8-42DF-BD3C-A9EFC11D036C",
"versionEndIncluding": "1.11b01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-890l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EA89C7-4655-43A3-9D2B-D57640D56C09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-890r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0BEAAD-6330-47FE-A8F6-665C3F346619",
"versionEndIncluding": "1.11b01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-890r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D678E889-3D74-4D16-84D0-41F547519A7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-885l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48D9C475-FB79-4D18-823C-0A3F01CB478E",
"versionEndIncluding": "1.12b05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-885l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD481B64-A25D-4123-B575-20EC3C524D9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-885r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0261FBA8-D370-4581-B4AE-E8DBF4546C50",
"versionEndIncluding": "1.12b05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-885r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E0351A1-D161-468E-A2C4-1FB92E978DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-895l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB7A220-2C3E-45B4-BA2E-D6C595B391D7",
"versionEndIncluding": "1.12b10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-895l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9EBC5D-43DE-4B26-8272-5A9AD2ECE2E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-895r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4B2469-DDAB-4FD1-A446-B304AAF78BB3",
"versionEndIncluding": "1.12b10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-895r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2DADDD-2F1C-458D-B3F5-07EE0FE35E92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-818lx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "072F053E-4DAB-4246-BEE7-F4813957BF56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-818lx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6E718C-2E2A-4E9B-A83D-25C01F681301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php."
},
{
"lang": "es",
"value": "Los routers D-Link DIR-859 versiones anteriores a la versi\u00f3n v1.07b03_beta, permiten una divulgaci\u00f3n de informaci\u00f3n no autenticada por medio del valor AUTHORIZED_GROUP=1%0a, como es demostrado por el archivo vpnconfig.php."
}
],
"id": "CVE-2019-20213",
"lastModified": "2024-11-21T04:38:13.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-02T14:16:36.533",
"references": [
{
"source": "cve@mitre.org",
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f"
},
{
"source": "cve@mitre.org",
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-06 20:29
Modified
2025-02-04 21:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-860l_firmware | * | |
| dlink | dir-860l | - | |
| dlink | dir-865l_firmware | * | |
| dlink | dir-865l | - | |
| dlink | dir-868l_firmware | * | |
| dlink | dir-868l | - | |
| dlink | dir-880l_firmware | * | |
| dlink | dir-880l | - |
{
"cisaActionDue": "2022-09-29",
"cisaExploitAdd": "2022-09-08",
"cisaRequiredAction": "The vendor D-Link published an advisory stating the fix under CVE-2018-20114 properly patches KEV entry CVE-2018-6530. If the device is still supported, apply updates per vendor instructions. If the affected device has since entered its end-of-life, it should be disconnected if still in use.",
"cisaVulnerabilityName": "D-Link Multiple Routers OS Command Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3887A644-753A-4CA3-9D79-0718057EEB3B",
"versionEndIncluding": "a1_fw110b04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDB9720-8F5A-4F02-A436-920CDAC15D69",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0624940E-9466-40BA-97E4-648537A092C0",
"versionEndIncluding": "reva_firmware_patch_1.08.b01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A853DF-6DF1-4E8E-8D55-95279EE0CB30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE2D4824-B834-41EA-8F70-AF12720030C9",
"versionEndIncluding": "a1_fw112b04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B501D4-BDDD-485E-A5A3-8AA8D5E46061",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-880l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E9B68DE-D3A7-4973-9D47-7203B2190F82",
"versionEndIncluding": "reva_firmware_patch_1.08b04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC772491-6371-4712-B358-E74D9C5062FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en soap.cgi (soapcgi_main en cgibin) en D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 y versiones anteriores, DIR-868L DIR868LA1_FW112b04 y versiones anteriores, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 y versiones anteriores y DIR-860L DIR860LA1_FW110b04 y versiones anteriores permite que atacantes remotos ejecuten comandos arbitrarios del sistema operativo mediante el par\u00e1metro service."
}
],
"id": "CVE-2018-6530",
"lastModified": "2025-02-04T21:15:16.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2018-03-06T20:29:00.987",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}