cvelistv5 - CVE-2013-3096

CVE-2013-3096

Vulnerability from cvelistv5

Published

2020-02-07 18:36

Modified

2024-08-06 16:00

Severity ?

Summary

D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability.

References

URL	Tags
cve@mitre.org	http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf	Broken Link
cve@mitre.org	http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php	Third Party Advisory
cve@mitre.org	https://www.ise.io/research/studies-and-papers/dlink_dir865l/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ise.io/research/studies-and-papers/dlink_dir865l/	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:00:09.659Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-07T18:36:46",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-3096",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
              "refsource": "MISC",
              "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
            },
            {
              "name": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php",
              "refsource": "MISC",
              "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
            },
            {
              "name": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/",
              "refsource": "MISC",
              "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-3096",
    "datePublished": "2020-02-07T18:36:46",
    "dateReserved": "2013-04-17T00:00:00",
    "dateUpdated": "2024-08-06T16:00:09.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-3096\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-02-07T19:15:10.037\",\"lastModified\":\"2024-11-21T01:52:59.947\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"D-Link DIR865L v1.03 suffers from an \\\"Unauthenticated Hardware Linking\\\" vulnerability.\"},{\"lang\":\"es\",\"value\":\"D-Link DIR865L versi\u00f3n v1.03, sufre de una vulnerabilidad de \\\"Unauthenticated Hardware Linking\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dir865l_firmware:1.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3C30954-2E80-466B-8091-3916ADAB1D65\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dir865l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E2DD125-BB66-4D9F-86A5-8E6B8D412EBC\"}]}]}],\"references\":[{\"url\":\"http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.ise.io/research/studies-and-papers/dlink_dir865l/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.ise.io/research/studies-and-papers/dlink_dir865l/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}

ghsa-3753-237w-wx4r

Vulnerability from github

Published

2022-05-05 00:29

Modified

2022-05-05 00:29

Details

D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-3096"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-02-07T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability.",
  "id": "GHSA-3753-237w-wx4r",
  "modified": "2022-05-05T00:29:33Z",
  "published": "2022-05-05T00:29:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3096"
    },
    {
      "type": "WEB",
      "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l"
    },
    {
      "type": "WEB",
      "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
    },
    {
      "type": "WEB",
      "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2013-3096

Vulnerability from fkie_nvd

Published

2020-02-07 19:15

Modified

2024-11-21 01:52

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability.

References

URL	Tags
cve@mitre.org	http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf	Broken Link
cve@mitre.org	http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php	Third Party Advisory
cve@mitre.org	https://www.ise.io/research/studies-and-papers/dlink_dir865l/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ise.io/research/studies-and-papers/dlink_dir865l/	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	dlink	dir865l_firmware	1.03
	dlink	dir865l	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir865l_firmware:1.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3C30954-2E80-466B-8091-3916ADAB1D65",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir865l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E2DD125-BB66-4D9F-86A5-8E6B8D412EBC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability."
    },
    {
      "lang": "es",
      "value": "D-Link DIR865L versi\u00f3n v1.03, sufre de una vulnerabilidad de \"Unauthenticated Hardware Linking\"."
    }
  ],
  "id": "CVE-2013-3096",
  "lastModified": "2024-11-21T01:52:59.947",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-07T19:15:10.037",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability. D-Link DIR865L There is an authentication vulnerability in.Information may be tampered with. The D-Link DIR-865L is an enterprise-class wireless routing device. No detailed vulnerability details are available. D-Link DIR-865L is prone to a security-bypass vulnerability. Very limited information is currently available regarding this issue. We will update this BID as more information emerges. Exploiting this issue could allow an attacker to bypass certain security restrictions and gain unauthorized access to the affected device. D-Link DIR-865L firmware version 1.03 is vulnerable; other versions may also be affected

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0564",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "dir-865l",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "d link",
        "version": "1.03"
      },
      {
        "model": "dir865l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "dlink",
        "version": "1.03"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04033"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3096"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:d-link:dir-865l_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Jacob Holcomb",
    "sources": [
      {
        "db": "BID",
        "id": "59475"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-554"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-3096",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-3096",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2013-007206",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2013-04033",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.2,
            "id": "CVE-2013-3096",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.9,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2013-007206",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-3096",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "JVNDB-2013-007206",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-04033",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201304-554",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04033"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-554"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3096"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability. D-Link DIR865L There is an authentication vulnerability in.Information may be tampered with. The D-Link DIR-865L is an enterprise-class wireless routing device. No detailed vulnerability details are available. D-Link DIR-865L is prone to a security-bypass vulnerability. \nVery limited information is currently available regarding this issue. We will update this BID as more information emerges. \nExploiting this issue could allow an attacker to bypass certain security restrictions and gain unauthorized access to the affected device. \nD-Link DIR-865L firmware version 1.03 is vulnerable; other versions may also be affected",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3096"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04033"
      },
      {
        "db": "BID",
        "id": "59475"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-3096",
        "trust": 3.3
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "53064",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04033",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-554",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "59475",
        "trust": 0.3
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04033"
      },
      {
        "db": "BID",
        "id": "59475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-554"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3096"
      }
    ]
  },
  "id": "VAR-202002-0564",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04033"
      }
    ],
    "trust": 1.1744681
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "IoT",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04033"
      }
    ]
  },
  "last_update_date": "2024-08-14T15:14:02.112000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "https://support.dlink.com/index.aspx"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3096"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
      },
      {
        "trust": 1.6,
        "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
      },
      {
        "trust": 1.6,
        "url": "http://securityevaluators.com/knowledge/case_studies/routers/vulnerability_catalog.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-3096"
      },
      {
        "trust": 0.9,
        "url": "http://securityevaluators.com/content/case-studies/routers/dlink_dir865l.jsp"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3096"
      },
      {
        "trust": 0.6,
        "url": "http://www.secunia.com/advisories/53064/"
      },
      {
        "trust": 0.3,
        "url": "http://www.dlink.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04033"
      },
      {
        "db": "BID",
        "id": "59475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-554"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3096"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04033"
      },
      {
        "db": "BID",
        "id": "59475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-554"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3096"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-04033"
      },
      {
        "date": "2013-04-25T00:00:00",
        "db": "BID",
        "id": "59475"
      },
      {
        "date": "2020-02-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      },
      {
        "date": "2013-04-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201304-554"
      },
      {
        "date": "2020-02-07T19:15:10.037000",
        "db": "NVD",
        "id": "CVE-2013-3096"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-04033"
      },
      {
        "date": "2013-04-25T00:00:00",
        "db": "BID",
        "id": "59475"
      },
      {
        "date": "2020-02-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      },
      {
        "date": "2020-05-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201304-554"
      },
      {
        "date": "2020-02-10T17:36:10.330000",
        "db": "NVD",
        "id": "CVE-2013-3096"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-554"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "D-Link DIR865L Authentication vulnerabilities in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-007206"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-554"
      }
    ],
    "trust": 0.6
  }
}

gsd-2013-3096

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability.

Aliases

CVE-2013-3096

Aliases

CVE-2013-3096

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-3096",
    "description": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability.",
    "id": "GSD-2013-3096"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-3096"
      ],
      "details": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability.",
      "id": "GSD-2013-3096",
      "modified": "2023-12-13T01:22:22.502957Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-3096",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
            "refsource": "MISC",
            "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
          },
          {
            "name": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php",
            "refsource": "MISC",
            "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
          },
          {
            "name": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/",
            "refsource": "MISC",
            "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:dlink:dir865l_firmware:1.03:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:dlink:dir865l:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-3096"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
            },
            {
              "name": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
            },
            {
              "name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
              "refsource": "MISC",
              "tags": [
                "Broken Link"
              ],
              "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2020-02-10T17:36Z",
      "publishedDate": "2020-02-07T19:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2013-3096

Vulnerability from cvelistv5

ghsa-3753-237w-wx4r

Vulnerability from github

fkie_cve-2013-3096

Vulnerability from fkie_nvd

var-202002-0564

Vulnerability from variot

gsd-2013-3096

Vulnerability from gsd

Tags

Sightings

Nomenclature