Sign-up

ID

VAR-201302-0520


TITLE

D-Link DIR-645 Router Remote Verification Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2013-01418

DESCRIPTION

The D-Link DIR-645 is a router device. The D-Link DIR-645 application does not properly restrict access to certain scripts, allowing an attacker to exploit a vulnerability to submit a malicious request for sensitive information. D-Link DIR-645 routers are prone to a remote authentication-bypass vulnerability. Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access. D-Link DIR-645 running firmware prior to version 1.03 are vulnerable

Trust: 0.81

sources: CNVD: CNVD-2013-01418 // BID: 58231

IOT TAXONOMY

category:['IoT', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-01418

AFFECTED PRODUCTS

vendor:d linkmodel:dir-645scope:eqversion:1.x

Trust: 0.6

vendor:d linkmodel:dir-645scope:eqversion:1.02

Trust: 0.3

vendor:d linkmodel:dir-645scope:neversion:1.03

Trust: 0.3

sources: CNVD: CNVD-2013-01418 // BID: 58231

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201303-018

TYPE

Access Validation Error

Trust: 0.3

sources: BID: 58231

PATCH

title:D-Link DIR-645 Router Remote Verification Vulnerability Patchurl:https://www.cnvd.org.cn/patchinfo/show/32531

Trust: 0.6

sources: CNVD: CNVD-2013-01418

EXTERNAL IDS

db:BIDid:58231

Trust: 1.5

db:CNVDid:CNVD-2013-01418

Trust: 0.6

db:CNNVDid:CNNVD-201303-018

Trust: 0.6

sources: CNVD: CNVD-2013-01418 // BID: 58231 // CNNVD: CNNVD-201303-018

REFERENCES

url:http://archives.neohapsis.com/archives/bugtraq/2013-02/0151.html

Trust: 0.6

url:http://www.securityfocus.com/bid/58231

Trust: 0.6

url:http://www.dlink.com/ca/en/home-solutions/connect/routers/dir-645-wireless-n-home-router-1000

Trust: 0.3

sources: CNVD: CNVD-2013-01418 // BID: 58231 // CNNVD: CNNVD-201303-018

CREDITS

Roberto Paleari

Trust: 0.9

sources: BID: 58231 // CNNVD: CNNVD-201303-018

SOURCES

db:CNVDid:CNVD-2013-01418
db:BIDid:58231
db:CNNVDid:CNNVD-201303-018

LAST UPDATE DATE

2022-05-17T01:41:29.799000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-01418date:2013-03-05T00:00:00
db:BIDid:58231date:2013-02-28T00:00:00
db:CNNVDid:CNNVD-201303-018date:2013-03-04T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2013-01418date:2013-03-05T00:00:00
db:BIDid:58231date:2013-02-28T00:00:00
db:CNNVDid:CNNVD-201303-018date:2013-02-28T00:00:00