var-201703-1033
Vulnerability from variot
Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password. The D-linkDI-604 is a small router device. CruxPA is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. CruxPA 2.00 is vulnerable; prior versions may also be affected. D-Link DSL-2730U is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Author : B GOVIND Exploit Title : DLink DSL-2730U Wireless N 150, Change DNS Configuration bypassing aadmina privilege Date : 01-03-2017 Vendor Homepage : http://www.dlink.co.in Firmware Link : ftp://support.dlink.co.in/firmware/DSL-2730U Affected version : Hardware ver C1, Firmware ver: IN_1.0.0 Email id : govindnair7102@gmail.com CVE : CVE-2017-6411
Change DNS Configuration Bypassing aadmina Privilege
D-Link DSL-2730U wireless router is a very popular SOHO network device used in India. This device has three default accounts aadmina, asupporta and ausera. As per D-Link only aadmin" account has unrestricted access to change configuration of device. Account name ausera can just view configuration settings and statistics.
- Description of Vulnerability
Cross Site Request Forgery can be used to manipulate dnscfg.cgi in this device. An insider / external attacker (remote management to be enabled for external attacker) can change primary and secondary DNS IP address to some malicious IP address without using aadmina account.
- Proof of Concept
Use following URL to modify the DNS entries:
http://user:user@192.168.1.1/dnscfg.cgi?dnsPrimary=x.x.x.x&dnsSecondary=y.y.y.y&dnsIfcsList=&dnsRefresh=1
Here x.x.x.x and y.y.y.y are the malicious IP address attacker can use.
- Impact of vulnerability
Information Disclosure: An attacker exploiting this vulnerability can obtain confidential information like users browsing profile. Modifying device DNS settings allows cybercriminals to perform malicious activities like the following:
(a) Redirect user traffic to malicious/fake sites. These sites can be phishing pages that spoofs well-known sites and tricks users into submit sensitive user credentials like banks account username and password.
(b) This can ensure that no more patches are updated from OS vendor sites or firewall sites.
(c) Replace ads on legitimate sites and serve users with unwanted/fake ads.
(d) Pushing malwares.
- Solution
As per D-Link India this is the only no updated firmware is available for this hardware version which can mitigate this vulnerability which avoids privilege escalation. All users of this hardware should change default passwords of not just aadmina account but also ausera and asupporta
Change All Account Password Bypassing aadmina Privilege
D-Link DSL-2730U wireless router is a very popular SOHO network device used in India. This device has three default accounts aadmina, asupporta and ausera. As per D-Link only aadmin" account has unrestricted access to change configuration of device. Account name ausera can just view configuration settings and statistics. Default password of admin, support and user account are admin, support and user respectively.
-
Description of Vulnerability
Cross Site Request Forgery can be used to manipulate password.cgi in this device.
-
Proof of Concept
This exploit works only when accounts are using default password.
Use following URL to change aadmina account password from aadmina to aadmin1a.
http://user:user@192.168.1.1/password.cgi?
inUserName=admin&inPassword=ZGFyZWFkbWluMQ==&inOrgPassword=ZGFyZWFkbWlu
(b) Use following URL to change asupporta account password from asupporta to asupport1a.
http://user:user@192.168.1.1/password.cgi? inUserName=support&inPassword=ZGFyZXN1cHBvcnQx&inOrgPassword=ZGFyZXN1cHBvcnQ=
(c) Use following URL to change ausera account password from ausera to auser1a.
http://user:user@192.168.1.1/password.cgi? inUserName=user&inPassword=ZGFyZXVzZXIx&inOrgPassword=ZGFyZXVzZXI=
Here ainPassworda is the new password and ainOrgPassworda is the existing password. Both these password strings are base64 encoded for confidentiality as connection between browser and web server is using http.
- Impact of vulnerability
Elevation of privilege, Information Disclosure, Denial Of service
(a) Insider/Attacker can change the passwords of all the existing accounts and control the device as required. This will result in attacker having complete control over the device. He can capture traffic of other user and analyse traffic. Attacker can deny services as per his/her choice.
-
Solution
As per D-Link India this is the only no updated firmware available for this hardware version which can mitigate this vulnerability. All users of this hardware should change default passwords of all the default accounts.
Enable/Disable LAN side Firewall without admin privilege
D-Link DSL-2730U wireless router is a very popular SOHO network device used in India. This device has three default accounts aadmina, asupporta and ausera. As per D-Link only aadmin" account has unrestricted access to change configuration of device. Account name ausera can just view configuration settings and statistics. Default password of admin, support and user account are admin, support and user respectively.
-
Description of Vulnerability
Cross Site Request Forgery can be used to manipulate lancfg2.cgi in this device. An insider / external attacker (remote management to be enabled for external attacker) can enable/disable LAN side firewall without aadmina privilege using auser a account.
-
Proof of Concept
Use following URL to enable LAN side firewall
http://user:user@192.168.1.1/lancfg2.cgi?ethIpAddress=192.168.1.1ð SubnetMask=255.255.255.0&enblLanFirewall=1&enblIgmpSnp=0&enblIgmpMode=0&dhcpEthStart=192.168.1.2&dhcpEthEnd=192.168.1.254&dhcpLeasedTime=86400&enblDhcpSrv=1&enblLan2=0&enblLanDns=0
Use following URL to disable LAN side firewall
http://user:user@192.168.1.1/lancfg2.cgi?ethIpAddress=192.168.1.1ðSubnetMask=255.255.255.0&enblLanFirewall=0&enblIgmpSnp=0&enblIgmpMode=0&dhcpEthStart=192.168.1.2&dhcpEthEnd=192.168.1.254&dhcpLeasedTime=86400&enblDhcpSrv=1&enblLan2=0&enblLanDns=0
- Impact of vulnerability
By disabling LAN side firewall and by enabling Port Triggering, an attacker can ensure a backdoor access within LAN side as well as from WAN side. Attacker can run port scanning tools to map services which otherwise wont be possible with firewall enabled.
-
Solution
As per D-Link India this is the only no updated firmware available for this hardware version which can mitigate this vulnerability. All users of this hardware should change default passwords of all the default accounts
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-1033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dsl-2730u",
"scope": "eq",
"trust": 1.6,
"vendor": "dlink",
"version": "in_1.00"
},
{
"model": "dsl-2730u",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dsl-2730u",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": "c1 in_1.00"
},
{
"model": "dsl-2730u c1 in 1.00",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
},
{
"model": "software cruxpa",
"scope": "eq",
"trust": 0.3,
"vendor": "crux",
"version": "2.00"
},
{
"model": "dsl-2730u c1 in 1.00",
"scope": null,
"trust": 0.3,
"vendor": "dlink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"db": "BID",
"id": "41478"
},
{
"db": "BID",
"id": "96560"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002114"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-015"
},
{
"db": "NVD",
"id": "CVE-2017-6411"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:d-link:dsl-2730u",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:d-link:dsl-2730u_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002114"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "B GOVIND",
"sources": [
{
"db": "BID",
"id": "96560"
},
{
"db": "PACKETSTORM",
"id": "141390"
}
],
"trust": 0.4
},
"cve": "CVE-2017-6411",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-6411",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-02616",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-114614",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-6411",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-6411",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-6411",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-02616",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-015",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-114614",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"db": "VULHUB",
"id": "VHN-114614"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002114"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-015"
},
{
"db": "NVD",
"id": "CVE-2017-6411"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password. The D-linkDI-604 is a small router device. CruxPA is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nCruxPA 2.00 is vulnerable; prior versions may also be affected. D-Link DSL-2730U is prone to a cross-site request-forgery vulnerability. \nExploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Author : B GOVIND\nExploit Title : DLink DSL-2730U Wireless N 150, Change DNS Configuration bypassing aadmina privilege\nDate : 01-03-2017\nVendor Homepage : http://www.dlink.co.in\nFirmware Link : ftp://support.dlink.co.in/firmware/DSL-2730U\nAffected version : Hardware ver C1, Firmware ver: IN_1.0.0\nEmail id : govindnair7102@gmail.com \nCVE : CVE-2017-6411\n \nChange DNS Configuration Bypassing aadmina Privilege\n-------------------------------------------------------\n \nD-Link DSL-2730U wireless router is a very popular SOHO network device used in India. This device has three default accounts aadmina, asupporta and ausera. As per D-Link only aadmin\" account has unrestricted access to change configuration of device. Account name ausera can just view configuration settings and statistics. \n \n1. Description of Vulnerability\n \nCross Site Request Forgery can be used to manipulate dnscfg.cgi in this device. An insider / external attacker (remote management to be enabled for external attacker) can change primary and secondary DNS IP address to some malicious IP address without using aadmina account. \n \n2. Proof of Concept \n \nUse following URL to modify the DNS entries:\n \n http://user:user@192.168.1.1/dnscfg.cgi?dnsPrimary=x.x.x.x\u0026dnsSecondary=y.y.y.y\u0026dnsIfcsList=\u0026dnsRefresh=1\n \n Here x.x.x.x and y.y.y.y are the malicious IP address attacker can use. \n \n \n \n3. Impact of vulnerability\n \nInformation Disclosure: An attacker exploiting this vulnerability can obtain confidential information like users browsing profile. Modifying device DNS settings allows cybercriminals to perform malicious activities like the following:\n \n(a) Redirect user traffic to malicious/fake sites. These sites can be phishing pages that spoofs well-known sites and tricks users into submit sensitive user credentials like banks account username and password. \n \n(b) This can ensure that no more patches are updated from OS vendor sites or firewall sites. \n \n(c) Replace ads on legitimate sites and serve users with unwanted/fake ads. \n \n(d) Pushing malwares. \n \n4. Solution\n \nAs per D-Link India this is the only no updated firmware is available for this hardware version which can mitigate this vulnerability which avoids privilege escalation. \nAll users of this hardware should change default passwords of not just aadmina account but also ausera and asupporta\n \nChange All Account Password Bypassing aadmina Privilege\n----------------------------------------------------------\n \n D-Link DSL-2730U wireless router is a very popular SOHO network device used in India. This device has three default accounts aadmina, asupporta and ausera. As per D-Link only aadmin\" account has unrestricted access to change configuration of device. Account name ausera can just view configuration settings and statistics. Default password of admin, support and user account are admin, support and user respectively. \n \n1. Description of Vulnerability\n \n Cross Site Request Forgery can be used to manipulate password.cgi in this device. \n \n2. Proof of Concept \n \nThis exploit works only when accounts are using default password. \n \nUse following URL to change aadmina account password from aadmina to \naadmin1a. \n \n http://user:user@192.168.1.1/password.cgi?\ninUserName=admin\u0026inPassword=ZGFyZWFkbWluMQ==\u0026inOrgPassword=ZGFyZWFkbWlu\n \n(b) Use following URL to change asupporta account password from asupporta to \nasupport1a. \n \nhttp://user:user@192.168.1.1/password.cgi?\ninUserName=support\u0026inPassword=ZGFyZXN1cHBvcnQx\u0026inOrgPassword=ZGFyZXN1cHBvcnQ=\n \n(c) Use following URL to change ausera account password from ausera to \nauser1a. \n \nhttp://user:user@192.168.1.1/password.cgi?\ninUserName=user\u0026inPassword=ZGFyZXVzZXIx\u0026inOrgPassword=ZGFyZXVzZXI=\n \nHere ainPassworda is the new password and ainOrgPassworda is the existing password. Both these password strings are base64 encoded for confidentiality as connection between browser and web server is using http. \n \n \n3. Impact of vulnerability\n \nElevation of privilege, Information Disclosure, Denial Of service\n \n(a) Insider/Attacker can change the passwords of all the existing accounts and control the device as required. This will result in attacker having complete control over the device. He can capture traffic of other user and analyse traffic. Attacker can deny services as per his/her choice. \n \n4. Solution\n \n As per D-Link India this is the only no updated firmware available for this hardware version which can mitigate this vulnerability. All users of this hardware should change default passwords of all the default accounts. \n \n \nEnable/Disable LAN side Firewall without admin privilege\n---------------------------------------------------------\n \n D-Link DSL-2730U wireless router is a very popular SOHO network device used in India. This device has three default accounts aadmina, asupporta and ausera. As per D-Link only aadmin\" account has unrestricted access to change configuration of device. Account name ausera can just view configuration settings and statistics. Default password of admin, support and user account are admin, support and user respectively. \n \n1. Description of Vulnerability\n \n Cross Site Request Forgery can be used to manipulate lancfg2.cgi in this device. An insider / external attacker (remote management to be enabled for external attacker) can enable/disable LAN side firewall without aadmina privilege using auser a account. \n \n2. Proof of Concept \n \n Use following URL to enable LAN side firewall\n \n http://user:user@192.168.1.1/lancfg2.cgi?ethIpAddress=192.168.1.1\u0026eth SubnetMask=255.255.255.0\u0026enblLanFirewall=1\u0026enblIgmpSnp=0\u0026enblIgmpMode=0\u0026dhcpEthStart=192.168.1.2\u0026dhcpEthEnd=192.168.1.254\u0026dhcpLeasedTime=86400\u0026enblDhcpSrv=1\u0026enblLan2=0\u0026enblLanDns=0\n \n \n \nUse following URL to disable LAN side firewall\n \nhttp://user:user@192.168.1.1/lancfg2.cgi?ethIpAddress=192.168.1.1\u0026ethSubnetMask=255.255.255.0\u0026enblLanFirewall=0\u0026enblIgmpSnp=0\u0026enblIgmpMode=0\u0026dhcpEthStart=192.168.1.2\u0026dhcpEthEnd=192.168.1.254\u0026dhcpLeasedTime=86400\u0026enblDhcpSrv=1\u0026enblLan2=0\u0026enblLanDns=0\n \n \n3. Impact of vulnerability\n \nBy disabling LAN side firewall and by enabling Port Triggering, an attacker can ensure a backdoor access within LAN side as well as from WAN side. \nAttacker can run port scanning tools to map services which otherwise wont be possible with firewall enabled. \n \n4. Solution\n \n As per D-Link India this is the only no updated firmware available for this hardware version which can mitigate this vulnerability. All users of this hardware should change default passwords of all the default accounts",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6411"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002114"
},
{
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"db": "BID",
"id": "41478"
},
{
"db": "BID",
"id": "96560"
},
{
"db": "VULHUB",
"id": "VHN-114614"
},
{
"db": "PACKETSTORM",
"id": "141390"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-114614",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114614"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6411",
"trust": 3.5
},
{
"db": "BID",
"id": "96560",
"trust": 3.4
},
{
"db": "EXPLOIT-DB",
"id": "41478",
"trust": 2.3
},
{
"db": "BID",
"id": "41478",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002114",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-015",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-02616",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "141390",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-114614",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"db": "VULHUB",
"id": "VHN-114614"
},
{
"db": "BID",
"id": "41478"
},
{
"db": "BID",
"id": "96560"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002114"
},
{
"db": "PACKETSTORM",
"id": "141390"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-015"
},
{
"db": "NVD",
"id": "CVE-2017-6411"
}
]
},
"id": "VAR-201703-1033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"db": "VULHUB",
"id": "VHN-114614"
}
],
"trust": 1.3527778
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02616"
}
]
},
"last_update_date": "2024-11-23T22:18:03.618000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dlink.com/"
},
{
"title": "Patch for D-LinkDSL-2730U Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/90385"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002114"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114614"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002114"
},
{
"db": "NVD",
"id": "CVE-2017-6411"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.exploit-db.com/exploits/41478/"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/96560"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6411"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-6411"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/96560/info"
},
{
"trust": 0.3,
"url": "http://www.cruxsoftware.co.uk/cruxpa.php"
},
{
"trust": 0.3,
"url": "/archive/1/512240"
},
{
"trust": 0.3,
"url": "http://www.dlink.com/"
},
{
"trust": 0.1,
"url": "http://user:user@192.168.1.1/password.cgi?"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6411"
},
{
"trust": 0.1,
"url": "http://www.dlink.co.in"
},
{
"trust": 0.1,
"url": "http://user:user@192.168.1.1/lancfg2.cgi?ethipaddress=192.168.1.1\u0026eth"
},
{
"trust": 0.1,
"url": "http://user:user@192.168.1.1/lancfg2.cgi?ethipaddress=192.168.1.1\u0026ethsubnetmask=255.255.255.0\u0026enbllanfirewall=0\u0026enbligmpsnp=0\u0026enbligmpmode=0\u0026dhcpethstart=192.168.1.2\u0026dhcpethend=192.168.1.254\u0026dhcpleasedtime=86400\u0026enbldhcpsrv=1\u0026enbllan2=0\u0026enbllandns=0"
},
{
"trust": 0.1,
"url": "http://user:user@192.168.1.1/dnscfg.cgi?dnsprimary=x.x.x.x\u0026dnssecondary=y.y.y.y\u0026dnsifcslist=\u0026dnsrefresh=1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"db": "VULHUB",
"id": "VHN-114614"
},
{
"db": "BID",
"id": "41478"
},
{
"db": "BID",
"id": "96560"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002114"
},
{
"db": "PACKETSTORM",
"id": "141390"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-015"
},
{
"db": "NVD",
"id": "CVE-2017-6411"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"db": "VULHUB",
"id": "VHN-114614"
},
{
"db": "BID",
"id": "41478"
},
{
"db": "BID",
"id": "96560"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002114"
},
{
"db": "PACKETSTORM",
"id": "141390"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-015"
},
{
"db": "NVD",
"id": "CVE-2017-6411"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"date": "2017-03-06T00:00:00",
"db": "VULHUB",
"id": "VHN-114614"
},
{
"date": "2010-07-05T00:00:00",
"db": "BID",
"id": "41478"
},
{
"date": "2017-03-06T00:00:00",
"db": "BID",
"id": "96560"
},
{
"date": "2017-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002114"
},
{
"date": "2017-03-01T10:11:11",
"db": "PACKETSTORM",
"id": "141390"
},
{
"date": "2017-03-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-015"
},
{
"date": "2017-03-06T06:59:00.317000",
"db": "NVD",
"id": "CVE-2017-6411"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"date": "2017-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-114614"
},
{
"date": "2010-07-05T00:00:00",
"db": "BID",
"id": "41478"
},
{
"date": "2017-03-07T00:15:00",
"db": "BID",
"id": "96560"
},
{
"date": "2017-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002114"
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-015"
},
{
"date": "2024-11-21T03:29:42.930000",
"db": "NVD",
"id": "CVE-2017-6411"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "41478"
},
{
"db": "BID",
"id": "96560"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DSL-2730U Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02616"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-015"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "41478"
},
{
"db": "BID",
"id": "96560"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.