Details of VAR-201511-0419

ID

VAR-201511-0419

TITLE

D-Link DIR-866L 'HNAP' and 'Send Email' feature buffer overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2015-07853

DESCRIPTION

Dlink DIR-866L is a wireless router product from D-Link. A buffer overflow vulnerability exists in Dlink DIR-866L, which originates from a program that does not perform correct boundary checks on user-submitted input. An attacker could use this vulnerability to execute arbitrary code in the context of an affected application and may cause a denial of service. Failed exploits may result in denial-of-service conditions

Trust: 1.35

sources: CNVD: CNVD-2015-07853 // CNNVD: CNNVD-201511-363 // BID: 77589

IOT TAXONOMY

category:

['IoT', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-07853

AFFECTED PRODUCTS

vendor:

d link

model:

dir-866l

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2015-07853

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2015-07853
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2015-07853
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2015-07853

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201511-363

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201511-363

EXTERNAL IDS

db:	BID	id:	77589	Trust: 1.5
db:	CNVD	id:	CNVD-2015-07853	Trust: 0.6
db:	CNNVD	id:	CNNVD-201511-363	Trust: 0.6

sources: CNVD: CNVD-2015-07853 // BID: 77589 // CNNVD: CNNVD-201511-363

REFERENCES

url:	http://www.securityfocus.com/bid/77589	Trust: 1.2
url:	http://www.dlink.com/	Trust: 0.3
url:	http://seclists.org/bugtraq/2015/nov/68	Trust: 0.3

sources: CNVD: CNVD-2015-07853 // BID: 77589 // CNNVD: CNNVD-201511-363

CREDITS

Samuel Huntley

Trust: 0.9

sources: BID: 77589 // CNNVD: CNNVD-201511-363

SOURCES

db:	CNVD	id:	CNVD-2015-07853
db:	BID	id:	77589
db:	CNNVD	id:	CNNVD-201511-363

LAST UPDATE DATE

2022-05-17T01:47:56.774000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-07853	date:	2015-12-07T00:00:00
db:	BID	id:	77589	date:	2015-12-07T22:22:00
db:	CNNVD	id:	CNNVD-201511-363	date:	2015-11-20T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-07853	date:	2015-11-30T00:00:00
db:	BID	id:	77589	date:	2015-11-13T00:00:00
db:	CNNVD	id:	CNNVD-201511-363	date:	2015-11-20T00:00:00