Sign-up

ID

VAR-202001-1854


CVE

CVE-2019-17146


TITLE

D-Link DCS-960L Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-014046

DESCRIPTION

This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the SOAPAction request header, the process does not properly validate the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8458. D-Link DCS-960L Contains an input validation vulnerability. Zero Day Initiative Does not address this vulnerability ZDI-CAN-8458 Was numbered.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. D-Link DCS-960L is a webcam product from Taiwan D-Link. The HNAP service in D-Link DCS-960L has a security vulnerability

Trust: 2.79

sources: NVD: CVE-2019-17146 // JVNDB: JVNDB-2019-014046 // ZDI: ZDI-19-1031 // CNVD: CNVD-2020-02465

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-02465

AFFECTED PRODUCTS

vendor:d linkmodel:dcs-960lscope: - version: -

Trust: 1.3

vendor:dlinkmodel:dcs-935lscope:lteversion:1.12.101

Trust: 1.0

vendor:dlinkmodel:dcs-960lscope:lteversion:1.07.102

Trust: 1.0

vendor:d linkmodel:dcs-935lscope: - version: -

Trust: 0.8

vendor:d linkmodel:dcs-960lscope:eqversion:1.07.102

Trust: 0.8

sources: ZDI: ZDI-19-1031 // CNVD: CNVD-2020-02465 // JVNDB: JVNDB-2019-014046 // NVD: CVE-2019-17146

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-17146
value: CRITICAL

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2019-17146
value: HIGH

Trust: 1.0

NVD: CVE-2019-17146
value: CRITICAL

Trust: 0.8

ZDI: CVE-2019-17146
value: HIGH

Trust: 0.7

CNVD: CNVD-2020-02465
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201912-1041
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2019-17146
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2020-02465
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2019-17146
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2019-17146
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: CVE-2019-17146
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2019-17146
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-19-1031 // CNVD: CNVD-2020-02465 // JVNDB: JVNDB-2019-014046 // CNNVD: CNNVD-201912-1041 // NVD: CVE-2019-17146 // NVD: CVE-2019-17146

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-306

Trust: 1.0

problemtype:CWE-20

Trust: 0.8

sources: JVNDB: JVNDB-2019-014046 // NVD: CVE-2019-17146

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201912-1041

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201912-1041

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-014046

PATCH
title:DCS-960L :: Ax :: FW v1.07.102 :: CVE-2019-17146 :: HNAP SOAPAction Stack-based Buffer Overflow Remote Code Execution Security Vulnerabilityurl:https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10142
Trust: 1.5
title:Patch for D-Link DCS-960L Buffer Overflow Remote Code Execution Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/197305
Trust: 0.6
title:D-Link DCS-960L Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=108241
Trust: 0.6
sources:
            
            
            ZDI: ZDI-19-1031 // 
            
            
            
            CNVD: CNVD-2020-02465 // 
            
            
            
            JVNDB: JVNDB-2019-014046 // 
            
            
            
            CNNVD: CNNVD-201912-1041

EXTERNAL IDS
db:NVDid:CVE-2019-17146
Trust: 3.7
db:ZDIid:ZDI-19-1031
Trust: 3.7
db:DLINKid:SAP10142
Trust: 1.6
db:JVNDBid:JVNDB-2019-014046
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-8458
Trust: 0.7
db:CNVDid:CNVD-2020-02465
Trust: 0.6
db:CNNVDid:CNNVD-201912-1041
Trust: 0.6
sources:
            
            
            ZDI: ZDI-19-1031 // 
            
            
            
            CNVD: CNVD-2020-02465 // 
            
            
            
            JVNDB: JVNDB-2019-014046 // 
            
            
            
            CNNVD: CNNVD-201912-1041 // 
            
            
            
            NVD: CVE-2019-17146

REFERENCES
url:https://www.zerodayinitiative.com/advisories/zdi-19-1031/
Trust: 3.0
url:https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10142
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2019-17146
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17146
Trust: 0.8
sources:
            
            
            ZDI: ZDI-19-1031 // 
            
            
            
            CNVD: CNVD-2020-02465 // 
            
            
            
            JVNDB: JVNDB-2019-014046 // 
            
            
            
            CNNVD: CNNVD-201912-1041 // 
            
            
            
            NVD: CVE-2019-17146

CREDITS
Anonymous
Trust: 1.3
sources:
            
            
            ZDI: ZDI-19-1031 // 
            
            
            
            CNNVD: CNNVD-201912-1041

SOURCES
db:ZDIid:ZDI-19-1031
db:CNVDid:CNVD-2020-02465
db:JVNDBid:JVNDB-2019-014046
db:CNNVDid:CNNVD-201912-1041
db:NVDid:CVE-2019-17146

LAST UPDATE DATE
2024-11-23T23:08:06.536000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-19-1031date:2019-12-23T00:00:00
db:CNVDid:CNVD-2020-02465date:2020-01-16T00:00:00
db:JVNDBid:JVNDB-2019-014046date:2020-01-27T00:00:00
db:CNNVDid:CNNVD-201912-1041date:2021-11-02T00:00:00
db:NVDid:CVE-2019-17146date:2024-11-21T04:31:47.270

SOURCES RELEASE DATE
db:ZDIid:ZDI-19-1031date:2019-12-23T00:00:00
db:CNVDid:CNVD-2020-02465date:2020-01-16T00:00:00
db:JVNDBid:JVNDB-2019-014046date:2020-01-27T00:00:00
db:CNNVDid:CNNVD-201912-1041date:2019-12-23T00:00:00
db:NVDid:CVE-2019-17146date:2020-01-07T23:15:10.823