Sign-up

ID

VAR-201309-0593


TITLE

D-Link DSL-2740B Router Cross-Site Request Forgery Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2013-13388

DESCRIPTION

The D-Link DSL-2740B is a router device. D-Link DSL-2740B EU_1.00 has a cross-site request forgery vulnerability that allows an attacker to exploit a vulnerability to construct a malicious URI, to entice a user to resolve, and to perform malicious operations in the target user context, such as disabling or enabling a wireless MAC address filter, firewall Protection and so on.

Trust: 0.6

sources: CNVD: CNVD-2013-13388

IOT TAXONOMY

category:['IoT', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-13388

AFFECTED PRODUCTS

vendor:d linkmodel:dsl-2740bscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2013-13388

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2013-13388
value: LOW

Trust: 0.6

CNVD: CNVD-2013-13388
severity: LOW
baseScore: 3.5
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.8
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2013-13388

EXTERNAL IDS

db:SECUNIAid:54795

Trust: 0.6

db:CNVDid:CNVD-2013-13388

Trust: 0.6

sources: CNVD: CNVD-2013-13388

REFERENCES

url:http://www.secunia.com/advisories/54795/

Trust: 0.6

url:http://www.webapp-security.com/wp-content/uploads/2013/09/d-link-dsl-2740b-multiple-csrf-vulnerabilities1.txt

Trust: 0.6

url:http://www.webapp-security.com/2013/09/d-link-dsl-2740b-multiple-csrf-vulnerabilities/

Trust: 0.6

sources: CNVD: CNVD-2013-13388

SOURCES

db:CNVDid:CNVD-2013-13388

LAST UPDATE DATE

2022-05-17T01:46:35.299000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-13388date:2013-09-29T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2013-13388date:2013-09-29T00:00:00