fkie_cve-2015-1187
Vulnerability from fkie_nvd
Published
2017-09-21 16:29
Modified
2025-02-07 15:15
Summary
The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.
References
cve@mitre.orghttp://packetstormsecurity.com/files/130607/D-Link-DIR636L-Remote-Command-Injection.htmlIssue Tracking, Third Party Advisory, VDB Entry
cve@mitre.orghttp://packetstormsecurity.com/files/131465/D-Link-TRENDnet-NCC-Service-Command-Injection.htmlExploit, Third Party Advisory, VDB Entry
cve@mitre.orghttp://seclists.org/fulldisclosure/2015/Mar/15Issue Tracking, Mailing List, Third Party Advisory
cve@mitre.orghttp://securityadvisories.dlink.com/security/publication.aspx?name=SAP10052Permissions Required, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/72848Third Party Advisory, VDB Entry
cve@mitre.orghttps://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2Issue Tracking, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/130607/D-Link-DIR636L-Remote-Command-Injection.htmlIssue Tracking, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/131465/D-Link-TRENDnet-NCC-Service-Command-Injection.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2015/Mar/15Issue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10052Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/72848Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2Issue Tracking, Mitigation, Third Party Advisory



{
  "cisaActionDue": "2022-04-15",
  "cisaExploitAdd": "2022-03-25",
  "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.",
  "cisaVulnerabilityName": "D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-626l_firmware:1.04:b04:*:*:*:*:*:*",
              "matchCriteriaId": "7C61317C-44BD-4683-A5E9-8C0CA765EC4E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-626l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB204438-1CBB-4A4D-9186-06ACFD4822DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-636l_firmware:1.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2DAF60-5E3C-443C-9BAA-2301D6E6CCFE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-636l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ADEFAD1-C800-4823-B546-514389C31391",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-808l_firmware:1.03:b05:*:*:*:*:*:*",
              "matchCriteriaId": "9437B000-D0BF-4ECE-AB9A-7E0E5A4C8CBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-808l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D074D3-DB9D-4232-947A-6C312E438947",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-810l_firmware:1.01:b04:*:*:*:*:*:*",
              "matchCriteriaId": "8C345217-7AFD-4521-92B0-57A43963DC3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-810l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B79563C-609A-4F9F-8F2F-FFF3D10E6684",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-810l_firmware:2.02:b01:*:*:*:*:*:*",
              "matchCriteriaId": "00CF9B1B-0281-44F8-8182-CB4AE6667C93",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-810l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B79563C-609A-4F9F-8F2F-FFF3D10E6684",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-820l_firmware:1.02:b10:*:*:*:*:*:*",
              "matchCriteriaId": "73616482-C6F8-45B2-AFA9-CC58600D1259",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-820l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CE60CD-DCDA-43E0-80A9-257557EDBC29",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-820l_firmware:1.05:b03:*:*:*:*:*:*",
              "matchCriteriaId": "EAD0E2A6-B7F2-4614-AFD9-7B9414A3773E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-820l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CE60CD-DCDA-43E0-80A9-257557EDBC29",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-820l_firmware:2.01:b02:*:*:*:*:*:*",
              "matchCriteriaId": "85AFE680-0ECF-43B7-B4B6-1F9D4FB96FE9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-820l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CE60CD-DCDA-43E0-80A9-257557EDBC29",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-826l_firmware:1.00:b23:*:*:*:*:*:*",
              "matchCriteriaId": "0A250A29-4B67-415C-9209-8DA3CA7787B4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-826l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36554D63-D4A3-499A-BD79-8C8729CB003E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-830l_firmware:1.00:b07:*:*:*:*:*:*",
              "matchCriteriaId": "DF1985BB-B6D5-49AF-8B58-1E0E15C0A606",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-830l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889685BB-EFD4-46CA-BBF1-F215DAD02C92",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-836l_firmware:1.01:b03:*:*:*:*:*:*",
              "matchCriteriaId": "B26E3CF6-4B1D-46D5-B4A0-CB0BC6CC3A8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-836l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE2ED91B-738D-448B-B7E0-D869539571F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:trendnet:tew-731br_firmware:2.01:b01:*:*:*:*:*:*",
              "matchCriteriaId": "75589A0E-EB72-41E7-B1D2-1F5C4970CC6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:trendnet:tew-731br:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4690A649-0A1F-4CCB-B577-4E477256CC1C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-651_firmware:1.10na:b02:*:*:*:*:*:*",
              "matchCriteriaId": "5BA8648E-8D38-4355-9CCC-A1C441FCBC02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-651:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "14E7E497-FDC7-4D4F-9313-10C21D9B58E2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:trendnet:tew-651br_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BF3A98-EC0C-4AE4-9319-05E1273CA840",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:trendnet:tew-651br:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E4956BE-1836-44CE-A87B-8F6956F969C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:trendnet:tew-652br_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FA8F5F2-2D77-462E-8E10-BCB455E897AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:trendnet:tew-652br:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00DD34C-71B8-471E-B6DE-D7347B1A2A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:trendnet:tew-711br_firmware:1.00:b31:*:*:*:*:*:*",
              "matchCriteriaId": "EFFB5CC1-C372-4EAF-8EB1-89D722BB8224",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:trendnet:tew-711br:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52DC8C5F-A9B1-4842-A258-7EC51B070B36",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:trendnet:tew-810dr_firmware:1.00:b19:*:*:*:*:*:*",
              "matchCriteriaId": "276BF892-CCDD-4965-8E8F-1316919BEB64",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:trendnet:tew-810dr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B71876E-5170-4C56-8F8C-A35FA5D24F60",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:trendnet:tew-813dru_firmware:1.00:b23:*:*:*:*:*:*",
              "matchCriteriaId": "83D7E4AD-09A0-4A7B-B5C5-F929DAD16844",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:trendnet:tew-813dru:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E0A6384-9977-4B89-AAB6-E4594C773EFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp."
    },
    {
      "lang": "es",
      "value": "La herramienta de ping en m\u00faltiples dispositivos D-Link y TRENDnet permite que los atacantes remotos ejecuten c\u00f3digo arbitrario mediante el par\u00e1metro ping_addr a ping.ccp."
    }
  ],
  "id": "CVE-2015-1187",
  "lastModified": "2025-02-07T15:15:14.100",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2017-09-21T16:29:00.147",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/130607/D-Link-DIR636L-Remote-Command-Injection.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/131465/D-Link-TRENDnet-NCC-Service-Command-Injection.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2015/Mar/15"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10052"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/72848"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/130607/D-Link-DIR636L-Remote-Command-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/131465/D-Link-TRENDnet-NCC-Service-Command-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2015/Mar/15"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/72848"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.