Details of VAR-201210-0578

ID

VAR-201210-0578

TITLE

D-Link DIR-605L CAPTCHA Data Stack Buffer Overflow Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2013-14064

DESCRIPTION

D-Link DIR-605L is a cloud router product from D-Link. A stack buffer overflow vulnerability exists in D-Link DIR-605L. An attacker could exploit the vulnerability to execute arbitrary code in the context of the affected device. D-Link DIR-605L is prone to a stack-based buffer-overflow vulnerability. D-Link DIR-605L running firmware versions 1.10, 1.12, and 1.13 is vulnerable; other versions may also be affected

Trust: 0.81

sources: CNVD: CNVD-2013-14064 // BID: 56330

IOT TAXONOMY

category:

['IoT', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-14064

AFFECTED PRODUCTS

vendor:	d link	model:	dir-605l	scope:	eq	version:	1.10	Trust: 0.6
vendor:	d link	model:	dir-605l	scope:	eq	version:	1.12	Trust: 0.6
vendor:	d link	model:	dir-605l	scope:	eq	version:	1.13	Trust: 0.6

sources: CNVD: CNVD-2013-14064

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2013-14064
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2013-14064
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2013-14064

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201310-567

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201310-567

EXTERNAL IDS

db:	BID	id:	56330	Trust: 1.5
db:	CNVD	id:	CNVD-2013-14064	Trust: 0.6
db:	CNNVD	id:	CNNVD-201310-567	Trust: 0.6

sources: CNVD: CNVD-2013-14064 // BID: 56330 // CNNVD: CNNVD-201310-567

REFERENCES

url:

http://www.securityfocus.com/bid/56330

Trust: 1.2

sources: CNVD: CNVD-2013-14064 // CNNVD: CNNVD-201310-567

CREDITS

Craig Heffner

Trust: 0.9

sources: BID: 56330 // CNNVD: CNNVD-201310-567

SOURCES

db:	CNVD	id:	CNVD-2013-14064
db:	BID	id:	56330
db:	CNNVD	id:	CNNVD-201310-567

LAST UPDATE DATE

2022-05-17T01:37:09.751000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-14064	date:	2013-10-25T00:00:00
db:	BID	id:	56330	date:	2013-10-23T01:07:00
db:	CNNVD	id:	CNNVD-201310-567	date:	2013-10-24T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-14064	date:	2013-10-25T00:00:00
db:	BID	id:	56330	date:	2012-10-08T00:00:00
db:	CNNVD	id:	CNNVD-201310-567	date:	2012-10-08T00:00:00