ID

VAR-201304-0481


TITLE

D-LINK DIR-615/DIR-300 HTTP Header Injection Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2013-04211

DESCRIPTION

The D-LINK DIR-615/DIR-300 set/runtime/diagnostic/pingIp and exeshell parameters do not sufficiently validate input, allowing authenticated remote attackers to execute arbitrary OS commands. The D-LINK DIR-615/DIR-300 incorrectly restricts access to the DevInfo.txt file, allowing remote attackers to request it directly and obtain device information, including the model, hardware version, Linux kernel information, firmware version, language and MAC address. D-LINK DIR-615/DIR-300 passwords are not hashed; they are stored in plain text in the /var/etc/httppasswd file, which can lead to the disclosure of sensitive information. The D-LINK DIR-615/DIR-300 password change function does not require the current password, allowing an attacker to change the password without knowing the authentication credentials. D-Link DIR-600 and DIR-300 are wireless routers. The following security vulnerabilities exist in D-Link DIR-600 and DIR-300: 1. Multiple command injection vulnerabilities 2. Cross-site request forgery vulnerabilities 3. Cross-site scripting vulnerabilities 4. Encryption algorithm vulnerabilities 5. Multiple information leakage vulnerabilities 6. HTTP header injection vulnerability 7. Security bypass vulnerability. Attackers can use these vulnerabilities to gain access to potentially sensitive information, crack stored passwords, execute arbitrary commands in the context of the affected device, steal cookie-based authentication credentials, perform unauthorized operations in the user's session context, or redirect users to any website and execute HTTP requests privately. Other attacks are also possible.

Trust: 4.59

sources: CNVD: CNVD-2013-04211 // CNVD: CNVD-2013-04209 // CNVD: CNVD-2013-04205 // CNVD: CNVD-2013-04212 // CNVD: CNVD-2013-04208 // CNVD: CNVD-2013-04207 // CNVD: CNVD-2013-04206 // CNNVD: CNNVD-201304-510 // BID: 59405

IOT TAXONOMY

category: ['IoT', 'Network device']
sub_category: -

Trust: 4.2

sources: CNVD: CNVD-2013-04211 // CNVD: CNVD-2013-04209 // CNVD: CNVD-2013-04205 // CNVD: CNVD-2013-04212 // CNVD: CNVD-2013-04208 // CNVD: CNVD-2013-04207 // CNVD: CNVD-2013-04206

AFFECTED PRODUCTS

vendor: d link, model: dir-300, scope: eq, version: 1.05

Trust: 4.5

vendor: d link, model: dir-615, scope: eq, version: 4.13

Trust: 4.2

sources: CNVD: CNVD-2013-04211 // CNVD: CNVD-2013-04209 // CNVD: CNVD-2013-04205 // CNVD: CNVD-2013-04212 // CNVD: CNVD-2013-04208 // CNVD: CNVD-2013-04207 // CNVD: CNVD-2013-04206 // BID: 59405

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2013-04211
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2013-04209
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2013-04205
value: HIGH

Trust: 0.6

CNVD: CNVD-2013-04212
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2013-04208
value: LOW

Trust: 0.6

CNVD: CNVD-2013-04207
value: LOW

Trust: 0.6

CNVD: CNVD-2013-04206
value: HIGH

Trust: 0.6

CNVD: CNVD-2013-04211
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2013-04209
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2013-04205
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2013-04212
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2013-04208
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2013-04207
severity: LOW
baseScore: 3.5
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.8
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2013-04206
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2013-04211 // CNVD: CNVD-2013-04209 // CNVD: CNVD-2013-04205 // CNVD: CNVD-2013-04212 // CNVD: CNVD-2013-04208 // CNVD: CNVD-2013-04207 // CNVD: CNVD-2013-04206

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201304-510

TYPE

Unknown

Trust: 0.3

sources: BID: 59405

PATCH

title: D-LINK DIR-615/DIR-300 HTTP header injection vulnerability patch
url: https://www.cnvd.org.cn/patchinfo/show/33635

Trust: 0.6

title: Patch for D-LINK DIR-615/DIR-300 Reflective Cross-Site Scripting Vulnerability
url: https://www.cnvd.org.cn/patchinfo/show/33634

Trust: 0.6

title: D-LINK DIR-615/DIR-300 OS Command Injection Vulnerability Patch
url: https://www.cnvd.org.cn/patchinfo/show/33630

Trust: 0.6

title: Patch for D-LINK DIR-615/DIR-300 Sensitive Information Disclosure Vulnerability
url: https://www.cnvd.org.cn/patchinfo/show/33636

Trust: 0.6

title: D-LINK DIR-615/DIR-300 Patch for Unsecure Encryption Storage Vulnerabilities
url: https://www.cnvd.org.cn/patchinfo/show/33633

Trust: 0.6

title: Patch for D-LINK DIR-615/DIR-300 Cross-Site Request Forgery Vulnerability
url: https://www.cnvd.org.cn/patchinfo/show/33632

Trust: 0.6

title: Patch for D-LINK DIR-615/DIR-300 Password Change Vulnerability
url: https://www.cnvd.org.cn/patchinfo/show/33631

Trust: 0.6

sources: CNVD: CNVD-2013-04211 // CNVD: CNVD-2013-04209 // CNVD: CNVD-2013-04205 // CNVD: CNVD-2013-04212 // CNVD: CNVD-2013-04208 // CNVD: CNVD-2013-04207 // CNVD: CNVD-2013-04206

EXTERNAL IDS

db: BID, id: 59405

Trust: 5.1

db: CNVD, id: CNVD-2013-04211

Trust: 0.6

db: CNVD, id: CNVD-2013-04209

Trust: 0.6

db: CNVD, id: CNVD-2013-04205

Trust: 0.6

db: CNVD, id: CNVD-2013-04212

Trust: 0.6

db: CNVD, id: CNVD-2013-04208

Trust: 0.6

db: CNVD, id: CNVD-2013-04207

Trust: 0.6

db: CNVD, id: CNVD-2013-04206

Trust: 0.6

db: CNNVD, id: CNNVD-201304-510

Trust: 0.6

sources: CNVD: CNVD-2013-04211 // CNVD: CNVD-2013-04209 // CNVD: CNVD-2013-04205 // CNVD: CNVD-2013-04212 // CNVD: CNVD-2013-04208 // CNVD: CNVD-2013-04207 // CNVD: CNVD-2013-04206 // BID: 59405 // CNNVD: CNNVD-201304-510

REFERENCES

url:http://seclists.org/bugtraq/2013/apr/148

Trust: 4.2

url:http://www.securityfocus.com/bid/59405

Trust: 0.6

url:http://www.dlink.com/products/?pid=565

Trust: 0.3

url:http://www.dlink.com/

Trust: 0.3

sources: CNVD: CNVD-2013-04211 // CNVD: CNVD-2013-04209 // CNVD: CNVD-2013-04205 // CNVD: CNVD-2013-04212 // CNVD: CNVD-2013-04208 // CNVD: CNVD-2013-04207 // CNVD: CNVD-2013-04206 // BID: 59405 // CNNVD: CNNVD-201304-510

CREDITS

Michael Messner

Trust: 0.9

sources: BID: 59405 // CNNVD: CNNVD-201304-510

SOURCES

db: CNVD, id: CNVD-2013-04211
db: CNVD, id: CNVD-2013-04209
db: CNVD, id: CNVD-2013-04205
db: CNVD, id: CNVD-2013-04212
db: CNVD, id: CNVD-2013-04208
db: CNVD, id: CNVD-2013-04207
db: CNVD, id: CNVD-2013-04206
db: BID, id: 59405
db: CNNVD, id: CNNVD-201304-510

LAST UPDATE DATE

2022-05-17T02:05:56.995000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2013-04211, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04209, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04205, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04212, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04208, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04207, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04206, date: 2013-04-26T00:00:00
db: BID, id: 59405, date: 2013-08-08T05:15:00
db: CNNVD, id: CNNVD-201304-510, date: 2013-04-24T00:00:00

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2013-04211, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04209, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04205, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04212, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04208, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04207, date: 2013-04-26T00:00:00
db: CNVD, id: CNVD-2013-04206, date: 2013-04-26T00:00:00
db: BID, id: 59405, date: 2013-04-22T00:00:00
db: CNNVD, id: CNNVD-201304-510, date: 2013-04-24T00:00:00