Sign-up

ID

VAR-201302-0529


TITLE

D-Link DIR-600 and DIR-300 Cross-Site Scripting Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2013-00970

DESCRIPTION

There are loopholes in the D-Link DIR-600 and DIR-300. There are security bypass vulnerabilities in the D-Link DIR-600 and DIR-300. Due to the lack of access restrictions and input validation for cmd parameters, an attacker can exploit the vulnerability to inject and execute arbitrary shell commands. The D-Link DIR-600 and DIR-300 are wireless routing devices. An information disclosure vulnerability exists in the D-Link DIR-600 and DIR-300. An attacker can exploit a vulnerability to disclose sensitive information. A remote command-execution vulnerability 2. A security-bypass vulnerability 4. A password encryption weakness 5

Trust: 2.97

sources: CNVD: CNVD-2013-00970 // CNVD: CNVD-2013-00968 // CNVD: CNVD-2013-00969 // CNVD: CNVD-2013-00967 // CNVD: CNVD-2013-00861 // BID: 57734

IOT TAXONOMY

category:['IoT', 'Network device']sub_category: -

Trust: 3.0

sources: CNVD: CNVD-2013-00970 // CNVD: CNVD-2013-00968 // CNVD: CNVD-2013-00969 // CNVD: CNVD-2013-00967 // CNVD: CNVD-2013-00861

AFFECTED PRODUCTS

vendor:d linkmodel:dir-300scope: - version: -

Trust: 3.0

vendor:d linkmodel:dir-600scope: - version: -

Trust: 3.0

sources: CNVD: CNVD-2013-00970 // CNVD: CNVD-2013-00968 // CNVD: CNVD-2013-00969 // CNVD: CNVD-2013-00967 // CNVD: CNVD-2013-00861

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201302-117

TYPE

Unknown

Trust: 0.3

sources: BID: 57734

EXTERNAL IDS

db:BIDid:57734

Trust: 3.9

db:CNVDid:CNVD-2013-00970

Trust: 0.6

db:CNVDid:CNVD-2013-00968

Trust: 0.6

db:CNVDid:CNVD-2013-00969

Trust: 0.6

db:CNVDid:CNVD-2013-00967

Trust: 0.6

db:CNVDid:CNVD-2013-00861

Trust: 0.6

db:CNNVDid:CNNVD-201302-117

Trust: 0.6

sources: CNVD: CNVD-2013-00970 // CNVD: CNVD-2013-00968 // CNVD: CNVD-2013-00969 // CNVD: CNVD-2013-00967 // CNVD: CNVD-2013-00861 // BID: 57734 // CNNVD: CNNVD-201302-117

REFERENCES

url:http://www.securityfocus.com/archive/1/525559

Trust: 3.0

url:http://www.securityfocus.com/bid/57734

Trust: 0.6

url:http://www.dlink.com/

Trust: 0.3

sources: CNVD: CNVD-2013-00970 // CNVD: CNVD-2013-00968 // CNVD: CNVD-2013-00969 // CNVD: CNVD-2013-00967 // CNVD: CNVD-2013-00861 // BID: 57734 // CNNVD: CNNVD-201302-117

CREDITS

Michael Messner

Trust: 0.9

sources: BID: 57734 // CNNVD: CNNVD-201302-117

SOURCES

db:CNVDid:CNVD-2013-00970
db:CNVDid:CNVD-2013-00968
db:CNVDid:CNVD-2013-00969
db:CNVDid:CNVD-2013-00967
db:CNVDid:CNVD-2013-00861
db:BIDid:57734
db:CNNVDid:CNNVD-201302-117

LAST UPDATE DATE

2022-05-17T01:53:14.509000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-00970date:2013-02-17T00:00:00
db:CNVDid:CNVD-2013-00968date:2013-02-17T00:00:00
db:CNVDid:CNVD-2013-00969date:2013-02-17T00:00:00
db:CNVDid:CNVD-2013-00967date:2013-02-17T00:00:00
db:CNVDid:CNVD-2013-00861date:2013-02-17T00:00:00
db:BIDid:57734date:2013-08-09T09:06:00
db:CNNVDid:CNNVD-201302-117date:2013-02-07T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2013-00970date:2013-02-17T00:00:00
db:CNVDid:CNVD-2013-00968date:2013-02-17T00:00:00
db:CNVDid:CNVD-2013-00969date:2013-02-17T00:00:00
db:CNVDid:CNVD-2013-00967date:2013-02-17T00:00:00
db:CNVDid:CNVD-2013-00861date:2013-02-17T00:00:00
db:BIDid:57734date:2013-02-05T00:00:00
db:CNNVDid:CNNVD-201302-117date:2013-02-07T00:00:00