Vulnerabilites related to dlink - tm-g5240
cve-2013-6026
Vulnerability from cvelistv5
Published
2013-10-19 10:00
Modified
2024-09-16 23:50
Severity ?
EPSS score ?
Summary
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/ | x_refsource_MISC | |
| http://www.dlink.com/uk/en/support/security | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/248083 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.729Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dlink.com/uk/en/support/security"
},
{
"name": "VU#248083",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/248083"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-19T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dlink.com/uk/en/support/security"
},
{
"name": "VU#248083",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/248083"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-6026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/",
"refsource": "MISC",
"url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
},
{
"name": "http://www.dlink.com/uk/en/support/security",
"refsource": "CONFIRM",
"url": "http://www.dlink.com/uk/en/support/security"
},
{
"name": "VU#248083",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/248083"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-6026",
"datePublished": "2013-10-19T10:00:00Z",
"dateReserved": "2013-10-04T00:00:00Z",
"dateUpdated": "2024-09-16T23:50:32.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2013-10-19 10:36
Modified
2024-11-21 01:58
Severity ?
Summary
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:di-524up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "157FE837-AA4B-46AD-A2C2-1E9A690FA7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dlink:di-604\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D8643C-5683-429D-9B9F-3A9C2B26ADF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dlink:di-604s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "076B3A72-3CF5-49CA-9104-D6D1667CE260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dlink:di-604up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4632D90B-C66E-4E72-B56B-C9B81C3FB85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dlink:di-624s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F92DC565-F84C-4881-AA54-F07C988E3B90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dlink:dir-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "944231AD-3DB5-432F-826F-DF40D3538F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dlink:dir-120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "030E2C73-B17D-4F52-83B5-24C2042A5761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dlink:tm-g5240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45DB67B1-BD0F-4B2F-8025-B0A39F821051",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:alphanetworks:vdsl_asl-55052:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38D71280-715B-4872-86DD-528DBD0C4EEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:alphanetworks:vdsl_asl-56552:-:*:*:*:*:*:*:*",
"matchCriteriaId": "630148D9-4FFC-4630-8D99-4F7DA068D3C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:planex:brl-04cw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F22A84F3-0A51-4CF5-B0B2-E41F02D10401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:planex:brl-04r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B26C5C-508E-426B-ACC7-148515E5FFF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:planex:brl-04ur:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6E83607-47A8-49B5-8C5B-5A25F8F19389",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013."
},
{
"lang": "es",
"value": "La interfaz web de D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604 + y TM-G5240 routers; Planex BRL-04R, Brasil-04UR y routers BRL-04CW, y Redes Alfa enrutadores permite a atacantes remotos evitar la autenticaci\u00f3n y modificar la configuraci\u00f3n especificando un encabezado HTTP User-Agent xmlset_roodkcableoj28840ybtide"
}
],
"id": "CVE-2013-6026",
"lastModified": "2024-11-21T01:58:38.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-19T10:36:08.963",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
},
{
"source": "cret@cert.org",
"url": "http://www.dlink.com/uk/en/support/security"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/248083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.dlink.com/uk/en/support/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/248083"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201310-0388
Vulnerability from variot
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013. Various D-Link routers allow administrative web actions if the HTTP request contains a specific User-Agent string. This backdoor allows an attacker to bypass password authentication and access the router's administrative web interface. Planex and Alpha Networks devices may also be affected. In addition, attacks on this vulnerability 2013 Year 10 Observed on the moon.By a third party xmlset_roodkcableoj28840ybtide User-Agent HTTP Authentication may be avoided and settings may be changed via the header. D-Link DIR-100 is a small broadband router with integrated firewall function.
DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604 +, TM-G5240 and several Planex routers BRL-04UR and BRL-04CW, the firmware used is v1.13 There is a backdoor vulnerability. Multiple vendors are prone to a remote authentication-bypass vulnerability. This may aid in further attacks. The following are vulnerable: D-Link DIR-120 D-Link DI-624S D-Link DI-524UP D-Link DI-604S D-Link DI-604UP D-Link DI-604 D-Link DIR-100 D-Link TM-G5240 PLANEX COMMUNICATIONS BRL-04UR PLANEX COMMUNICATIONS BRL-04R PLANEX COMMUNICATIONS BRL-04CW. D-Link DIR-100 and so on are all router devices of D-Link company. Planex BRL-04R etc. are the router equipment of Japan Planex Company. The following products are affected: D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+; TM-G5240; Planex BRL-04R, BRL-04UR, BRL-04CW
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201310-0388",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vdsl asl-56552",
"scope": "eq",
"trust": 1.6,
"vendor": "alphanetworks",
"version": null
},
{
"model": "di-524up",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "di-604+",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "di-604s",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "di-604up",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "tm-g5240",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "di-624s",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "tm-g5240",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "di-604up",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "brl-04ur",
"scope": "eq",
"trust": 1.0,
"vendor": "planex",
"version": null
},
{
"model": "dir-100",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "di-604s",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "di-524up",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "brl-04r",
"scope": "eq",
"trust": 1.0,
"vendor": "planex",
"version": null
},
{
"model": "brl-04cw",
"scope": "eq",
"trust": 1.0,
"vendor": "planex",
"version": null
},
{
"model": "di-604\\+",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "dir-120",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "vdsl asl-55052",
"scope": "eq",
"trust": 1.0,
"vendor": "alphanetworks",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "vdsl 11n wireless router",
"scope": null,
"trust": 0.8,
"vendor": "alpha",
"version": null
},
{
"model": "vdsl wired router",
"scope": null,
"trust": 0.8,
"vendor": "alpha",
"version": null
},
{
"model": "di-624s",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dir-100",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dir-120",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "brl-04cw",
"scope": null,
"trust": 0.8,
"vendor": "planex",
"version": null
},
{
"model": "brl-04r",
"scope": null,
"trust": 0.8,
"vendor": "planex",
"version": null
},
{
"model": "brl-04ur",
"scope": null,
"trust": 0.8,
"vendor": "planex",
"version": null
},
{
"model": "di-524",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
},
{
"model": "dir-100",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1.13"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#248083"
},
{
"db": "CNVD",
"id": "CNVD-2013-13777"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004823"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-477"
},
{
"db": "NVD",
"id": "CVE-2013-6026"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:alphanetworks:vdsl_asl-56552",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:alphanetworks:vdsl_asl-55052",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:d-link:di-524up",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:d-link:di-604%2B",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:d-link:di-604s",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:d-link:di-604up",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:d-link:di-624s",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:d-link:dir-100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:d-link:dir-120",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:d-link:tm-g5240",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:planex:brl-04cw",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:planex:brl-04r",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:planex:brl-04ur",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004823"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Craig Heffner and /dev/ttyS0",
"sources": [
{
"db": "BID",
"id": "62990"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6026",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-6026",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-13777",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-66028",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-6026",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-6026",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2013-13777",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201310-477",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-66028",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13777"
},
{
"db": "VULHUB",
"id": "VHN-66028"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004823"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-477"
},
{
"db": "NVD",
"id": "CVE-2013-6026"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013. Various D-Link routers allow administrative web actions if the HTTP request contains a specific User-Agent string. This backdoor allows an attacker to bypass password authentication and access the router\u0027s administrative web interface. Planex and Alpha Networks devices may also be affected. In addition, attacks on this vulnerability 2013 Year 10 Observed on the moon.By a third party xmlset_roodkcableoj28840ybtide User-Agent HTTP Authentication may be avoided and settings may be changed via the header. D-Link DIR-100 is a small broadband router with integrated firewall function. \r\n\r\n\r\nDIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604 +, TM-G5240 and several Planex routers BRL-04UR and BRL-04CW, the firmware used is v1.13 There is a backdoor vulnerability. Multiple vendors are prone to a remote authentication-bypass vulnerability. This may aid in further attacks. \nThe following are vulnerable:\nD-Link DIR-120\nD-Link DI-624S\nD-Link DI-524UP\nD-Link DI-604S\nD-Link DI-604UP\nD-Link DI-604\nD-Link DIR-100\nD-Link TM-G5240\nPLANEX COMMUNICATIONS BRL-04UR\nPLANEX COMMUNICATIONS BRL-04R\nPLANEX COMMUNICATIONS BRL-04CW. D-Link DIR-100 and so on are all router devices of D-Link company. Planex BRL-04R etc. are the router equipment of Japan Planex Company. The following products are affected: D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+; TM-G5240; Planex BRL-04R, BRL-04UR, BRL-04CW",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6026"
},
{
"db": "CERT/CC",
"id": "VU#248083"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004823"
},
{
"db": "CNVD",
"id": "CNVD-2013-13777"
},
{
"db": "BID",
"id": "62990"
},
{
"db": "VULHUB",
"id": "VHN-66028"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6026",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#248083",
"trust": 3.3
},
{
"db": "BID",
"id": "62990",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004823",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201310-477",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-13777",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-62565",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-66028",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#248083"
},
{
"db": "CNVD",
"id": "CNVD-2013-13777"
},
{
"db": "VULHUB",
"id": "VHN-66028"
},
{
"db": "BID",
"id": "62990"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004823"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-477"
},
{
"db": "NVD",
"id": "CVE-2013-6026"
}
]
},
"id": "VAR-201310-0388",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13777"
},
{
"db": "VULHUB",
"id": "VHN-66028"
}
],
"trust": 1.3563492333333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13777"
}
]
},
"last_update_date": "2024-11-23T22:18:43.896000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Update on Router Security issue",
"trust": 0.8,
"url": "http://www.dlink.com/uk/en/support/security"
},
{
"title": "D-Link and Planex/ router Web Repair measures for interface security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=234982"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004823"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-477"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66028"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004823"
},
{
"db": "NVD",
"id": "CVE-2013-6026"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/248083"
},
{
"trust": 1.7,
"url": "http://www.dlink.com/uk/en/support/security"
},
{
"trust": 0.8,
"url": "http://www.theregister.co.uk/2013/10/13/dlink_routers_have_admin_backdoor/"
},
{
"trust": 0.8,
"url": "http://www.dlink.com/uk/en/support/security "
},
{
"trust": 0.8,
"url": "http://blog.erratasec.com/2013/10/that-dlink-bug-masscan.html"
},
{
"trust": 0.8,
"url": "http://pastebin.com/vbig42vd"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6026"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6026"
},
{
"trust": 0.6,
"url": "http://www.solidot.org/story?sid=36791"
},
{
"trust": 0.3,
"url": "http://www.dlink.com/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#248083"
},
{
"db": "CNVD",
"id": "CNVD-2013-13777"
},
{
"db": "VULHUB",
"id": "VHN-66028"
},
{
"db": "BID",
"id": "62990"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004823"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-477"
},
{
"db": "NVD",
"id": "CVE-2013-6026"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#248083"
},
{
"db": "CNVD",
"id": "CNVD-2013-13777"
},
{
"db": "VULHUB",
"id": "VHN-66028"
},
{
"db": "BID",
"id": "62990"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004823"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-477"
},
{
"db": "NVD",
"id": "CVE-2013-6026"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-17T00:00:00",
"db": "CERT/CC",
"id": "VU#248083"
},
{
"date": "2013-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13777"
},
{
"date": "2013-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-66028"
},
{
"date": "2013-10-12T00:00:00",
"db": "BID",
"id": "62990"
},
{
"date": "2013-10-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004823"
},
{
"date": "2013-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-477"
},
{
"date": "2013-10-19T10:36:08.963000",
"db": "NVD",
"id": "CVE-2013-6026"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-29T00:00:00",
"db": "CERT/CC",
"id": "VU#248083"
},
{
"date": "2020-03-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13777"
},
{
"date": "2013-10-21T00:00:00",
"db": "VULHUB",
"id": "VHN-66028"
},
{
"date": "2013-12-10T00:56:00",
"db": "BID",
"id": "62990"
},
{
"date": "2013-10-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004823"
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-477"
},
{
"date": "2024-11-21T01:58:38.767000",
"db": "NVD",
"id": "CVE-2013-6026"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-477"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link routers authenticate administrative access using specific User-Agent string",
"sources": [
{
"db": "CERT/CC",
"id": "VU#248083"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-477"
}
],
"trust": 0.6
}
}