{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
affected_products: {
"@id": "https://www.variotdbs.pl/ref/affected_products",
},
configurations: {
"@id": "https://www.variotdbs.pl/ref/configurations",
},
credits: {
"@id": "https://www.variotdbs.pl/ref/credits",
},
cvss: {
"@id": "https://www.variotdbs.pl/ref/cvss/",
},
description: {
"@id": "https://www.variotdbs.pl/ref/description/",
},
exploit_availability: {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/",
},
external_ids: {
"@id": "https://www.variotdbs.pl/ref/external_ids/",
},
iot: {
"@id": "https://www.variotdbs.pl/ref/iot/",
},
iot_taxonomy: {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
},
patch: {
"@id": "https://www.variotdbs.pl/ref/patch/",
},
problemtype_data: {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/",
},
references: {
"@id": "https://www.variotdbs.pl/ref/references/",
},
sources: {
"@id": "https://www.variotdbs.pl/ref/sources/",
},
sources_release_date: {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/",
},
sources_update_date: {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/",
},
threat_type: {
"@id": "https://www.variotdbs.pl/ref/threat_type/",
},
title: {
"@id": "https://www.variotdbs.pl/ref/title/",
},
type: {
"@id": "https://www.variotdbs.pl/ref/type/",
},
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0703",
affected_products: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
data: {
"@container": "@list",
},
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
"@id": "https://www.variotdbs.pl/ref/sources",
},
},
data: [
{
model: "dir-600",
scope: "lt",
trust: 1,
vendor: "dlink",
version: "2.17b01",
},
{
model: "dir-300",
scope: "eq",
trust: 1,
vendor: "dlink",
version: "2.14b01",
},
{
model: "dir-845",
scope: "lt",
trust: 1,
vendor: "dlink",
version: "1.02b03",
},
{
model: "dir-865",
scope: "eq",
trust: 1,
vendor: "dlink",
version: "1.05b03",
},
{
model: "dir-645",
scope: "lt",
trust: 1,
vendor: "dlink",
version: "1.04b11",
},
{
model: "dir-300",
scope: null,
trust: 0.8,
vendor: "d link",
version: null,
},
{
model: "dir-600",
scope: "lt",
trust: 0.8,
vendor: "d link",
version: "2.17b01",
},
{
model: "dir-645",
scope: "lt",
trust: 0.8,
vendor: "d link",
version: "1.04b11",
},
{
model: "dir-845",
scope: "lt",
trust: 0.8,
vendor: "d link",
version: "1.02b03",
},
{
model: "dir-865",
scope: null,
trust: 0.8,
vendor: "d link",
version: null,
},
{
model: "dir-600 <v2.17b01",
scope: null,
trust: 0.6,
vendor: "d link",
version: null,
},
{
model: "dir-645 <v1.04b11",
scope: null,
trust: 0.6,
vendor: "d link",
version: null,
},
{
model: "dir-845 <v1.02b03",
scope: null,
trust: 0.6,
vendor: "d link",
version: null,
},
],
sources: [
{
db: "CNVD",
id: "CNVD-2019-39561",
},
{
db: "JVNDB",
id: "JVNDB-2013-006844",
},
{
db: "NVD",
id: "CVE-2013-7471",
},
],
},
configurations: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
children: {
"@container": "@list",
},
cpe_match: {
"@container": "@list",
},
data: {
"@container": "@list",
},
nodes: {
"@container": "@list",
},
},
data: [
{
CVE_data_version: "4.0",
nodes: [
{
children: [
{
children: [],
cpe_match: [
{
cpe23Uri: "cpe:2.3:o:dlink:dir-300_firmware:2.14b01:*:*:*:*:*:*:*",
cpe_name: [],
vulnerable: true,
},
],
operator: "OR",
},
{
children: [],
cpe_match: [
{
cpe23Uri: "cpe:2.3:h:dlink:dir-300:b:*:*:*:*:*:*:*",
cpe_name: [],
vulnerable: false,
},
],
operator: "OR",
},
],
cpe_match: [],
operator: "AND",
},
{
children: [
{
children: [],
cpe_match: [
{
cpe23Uri: "cpe:2.3:o:dlink:dir-600_firmware:*:*:*:*:*:*:*:*",
cpe_name: [],
versionEndExcluding: "2.17b01",
vulnerable: true,
},
],
operator: "OR",
},
{
children: [],
cpe_match: [
{
cpe23Uri: "cpe:2.3:h:dlink:dir-600:-:*:*:*:*:*:*:*",
cpe_name: [],
vulnerable: false,
},
],
operator: "OR",
},
],
cpe_match: [],
operator: "AND",
},
{
children: [
{
children: [],
cpe_match: [
{
cpe23Uri: "cpe:2.3:o:dlink:dir-645_firmware:*:*:*:*:*:*:*:*",
cpe_name: [],
versionEndExcluding: "1.04b11",
vulnerable: true,
},
],
operator: "OR",
},
{
children: [],
cpe_match: [
{
cpe23Uri: "cpe:2.3:h:dlink:dir-645:-:*:*:*:*:*:*:*",
cpe_name: [],
vulnerable: false,
},
],
operator: "OR",
},
],
cpe_match: [],
operator: "AND",
},
{
children: [
{
children: [],
cpe_match: [
{
cpe23Uri: "cpe:2.3:o:dlink:dir-845_firmware:*:*:*:*:*:*:*:*",
cpe_name: [],
versionEndExcluding: "1.02b03",
vulnerable: true,
},
],
operator: "OR",
},
{
children: [],
cpe_match: [
{
cpe23Uri: "cpe:2.3:h:dlink:dir-845:-:*:*:*:*:*:*:*",
cpe_name: [],
vulnerable: false,
},
],
operator: "OR",
},
],
cpe_match: [],
operator: "AND",
},
{
children: [
{
children: [],
cpe_match: [
{
cpe23Uri: "cpe:2.3:o:dlink:dir-865_firmware:1.05b03:*:*:*:*:*:*:*",
cpe_name: [],
vulnerable: true,
},
],
operator: "OR",
},
{
children: [],
cpe_match: [
{
cpe23Uri: "cpe:2.3:h:dlink:dir-865:-:*:*:*:*:*:*:*",
cpe_name: [],
vulnerable: false,
},
],
operator: "OR",
},
],
cpe_match: [],
operator: "AND",
},
],
},
],
sources: [
{
db: "NVD",
id: "CVE-2013-7471",
},
],
},
cve: "CVE-2013-7471",
cvss: {
"@context": {
cvssV2: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
},
cvssV3: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
},
severity: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#",
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity",
},
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
"@id": "https://www.variotdbs.pl/ref/sources",
},
},
data: [
{
cvssV2: [
{
acInsufInfo: false,
accessComplexity: "LOW",
accessVector: "NETWORK",
authentication: "NONE",
author: "NVD",
availabilityImpact: "PARTIAL",
baseScore: 7.5,
confidentialityImpact: "PARTIAL",
exploitabilityScore: 10,
impactScore: 6.4,
integrityImpact: "PARTIAL",
obtainAllPrivilege: false,
obtainOtherPrivilege: false,
obtainUserPrivilege: false,
severity: "HIGH",
trust: 1,
userInteractionRequired: false,
vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
version: "2.0",
},
{
acInsufInfo: null,
accessComplexity: "Low",
accessVector: "Network",
authentication: "None",
author: "NVD",
availabilityImpact: "Partial",
baseScore: 7.5,
confidentialityImpact: "Partial",
exploitabilityScore: null,
id: "CVE-2013-7471",
impactScore: null,
integrityImpact: "Partial",
obtainAllPrivilege: null,
obtainOtherPrivilege: null,
obtainUserPrivilege: null,
severity: "High",
trust: 0.9,
userInteractionRequired: null,
vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
version: "2.0",
},
{
accessComplexity: "LOW",
accessVector: "NETWORK",
authentication: "NONE",
author: "CNVD",
availabilityImpact: "PARTIAL",
baseScore: 7.5,
confidentialityImpact: "PARTIAL",
exploitabilityScore: 10,
id: "CNVD-2019-39561",
impactScore: 6.4,
integrityImpact: "PARTIAL",
severity: "HIGH",
trust: 0.6,
vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
version: "2.0",
},
{
accessComplexity: "LOW",
accessVector: "NETWORK",
authentication: "NONE",
author: "VULHUB",
availabilityImpact: "PARTIAL",
baseScore: 7.5,
confidentialityImpact: "PARTIAL",
exploitabilityScore: 10,
id: "VHN-67473",
impactScore: 6.4,
integrityImpact: "PARTIAL",
severity: "HIGH",
trust: 0.1,
vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P",
version: "2.0",
},
],
cvssV3: [
{
attackComplexity: "LOW",
attackVector: "NETWORK",
author: "NVD",
availabilityImpact: "HIGH",
baseScore: 9.8,
baseSeverity: "CRITICAL",
confidentialityImpact: "HIGH",
exploitabilityScore: 3.9,
impactScore: 5.9,
integrityImpact: "HIGH",
privilegesRequired: "NONE",
scope: "UNCHANGED",
trust: 1,
userInteraction: "NONE",
vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
version: "3.1",
},
{
attackComplexity: "Low",
attackVector: "Network",
author: "NVD",
availabilityImpact: "High",
baseScore: 9.8,
baseSeverity: "Critical",
confidentialityImpact: "High",
exploitabilityScore: null,
id: "CVE-2013-7471",
impactScore: null,
integrityImpact: "High",
privilegesRequired: "None",
scope: "Unchanged",
trust: 0.8,
userInteraction: "None",
vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
version: "3.0",
},
],
severity: [
{
author: "NVD",
id: "CVE-2013-7471",
trust: 1.8,
value: "CRITICAL",
},
{
author: "CNVD",
id: "CNVD-2019-39561",
trust: 0.6,
value: "HIGH",
},
{
author: "CNNVD",
id: "CNNVD-201906-399",
trust: 0.6,
value: "CRITICAL",
},
{
author: "VULHUB",
id: "VHN-67473",
trust: 0.1,
value: "HIGH",
},
{
author: "VULMON",
id: "CVE-2013-7471",
trust: 0.1,
value: "HIGH",
},
],
},
],
sources: [
{
db: "CNVD",
id: "CNVD-2019-39561",
},
{
db: "VULHUB",
id: "VHN-67473",
},
{
db: "VULMON",
id: "CVE-2013-7471",
},
{
db: "JVNDB",
id: "JVNDB-2013-006844",
},
{
db: "NVD",
id: "CVE-2013-7471",
},
{
db: "CNNVD",
id: "CNNVD-201906-399",
},
],
},
description: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
},
},
data: "An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalClient, NewExternalPort, or NewInternalPort element of a SOAP POST request. plural D-Link The product contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-845 and so on are all wireless routers from Taiwan D-Link. \n\nCommand injection vulnerability exists in soap.cgi? Service = WANIPConn1 URL in multiple D-Link products. The vulnerability stems from the fact that the network system or product did not properly filter the special elements in the process of constructing executable commands from external input data. An attacker could use this vulnerability to execute an illegal command. The following products and versions are affected: D-Link DIR-845 prior to v1.02b03; DIR-600 prior to v2.17b01; DIR-645 prior to v1.04b11; DIR-300 (rev",
sources: [
{
db: "NVD",
id: "CVE-2013-7471",
},
{
db: "JVNDB",
id: "JVNDB-2013-006844",
},
{
db: "CNVD",
id: "CNVD-2019-39561",
},
{
db: "VULHUB",
id: "VHN-67473",
},
{
db: "VULMON",
id: "CVE-2013-7471",
},
],
trust: 2.34,
},
external_ids: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
data: {
"@container": "@list",
},
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
},
},
data: [
{
db: "NVD",
id: "CVE-2013-7471",
trust: 3.2,
},
{
db: "EXPLOIT-DB",
id: "27044",
trust: 2.4,
},
{
db: "JVNDB",
id: "JVNDB-2013-006844",
trust: 0.8,
},
{
db: "CNNVD",
id: "CNNVD-201906-399",
trust: 0.7,
},
{
db: "EXPLOITDB",
id: "27044",
trust: 0.6,
},
{
db: "CNVD",
id: "CNVD-2019-39561",
trust: 0.6,
},
{
db: "VULHUB",
id: "VHN-67473",
trust: 0.1,
},
{
db: "VULMON",
id: "CVE-2013-7471",
trust: 0.1,
},
],
sources: [
{
db: "CNVD",
id: "CNVD-2019-39561",
},
{
db: "VULHUB",
id: "VHN-67473",
},
{
db: "VULMON",
id: "CVE-2013-7471",
},
{
db: "JVNDB",
id: "JVNDB-2013-006844",
},
{
db: "NVD",
id: "CVE-2013-7471",
},
{
db: "CNNVD",
id: "CNNVD-201906-399",
},
],
},
id: "VAR-201906-0703",
iot: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
},
},
data: true,
sources: [
{
db: "CNVD",
id: "CNVD-2019-39561",
},
{
db: "VULHUB",
id: "VHN-67473",
},
],
trust: 1.454548685,
},
iot_taxonomy: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
data: {
"@container": "@list",
},
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
},
},
data: [
{
category: [
"Network device",
],
sub_category: null,
trust: 0.6,
},
],
sources: [
{
db: "CNVD",
id: "CNVD-2019-39561",
},
],
},
last_update_date: "2023-12-18T13:43:21.743000Z",
patch: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
data: {
"@container": "@list",
},
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
},
},
data: [
{
title: "Top Page",
trust: 0.8,
url: "http://us.dlink.com/",
},
{
title: "Patch for Command injection vulnerability in multiple D-Link products",
trust: 0.6,
url: "https://www.cnvd.org.cn/patchinfo/show/189043",
},
{
title: "Multiple D-Link Product Command Injection Vulnerability Fixes",
trust: 0.6,
url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=93638",
},
],
sources: [
{
db: "CNVD",
id: "CNVD-2019-39561",
},
{
db: "JVNDB",
id: "JVNDB-2013-006844",
},
{
db: "CNNVD",
id: "CNNVD-201906-399",
},
],
},
problemtype_data: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
},
},
data: [
{
problemtype: "CWE-77",
trust: 1.9,
},
],
sources: [
{
db: "VULHUB",
id: "VHN-67473",
},
{
db: "JVNDB",
id: "JVNDB-2013-006844",
},
{
db: "NVD",
id: "CVE-2013-7471",
},
],
},
references: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
data: {
"@container": "@list",
},
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
},
},
data: [
{
trust: 2.6,
url: "http://www.s3cur1ty.de/m1adv2013-020",
},
{
trust: 2.4,
url: "https://www.exploit-db.com/exploits/27044",
},
{
trust: 2,
url: "https://nvd.nist.gov/vuln/detail/cve-2013-7471",
},
{
trust: 0.8,
url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7471",
},
{
trust: 0.1,
url: "https://cwe.mitre.org/data/definitions/77.html",
},
{
trust: 0.1,
url: "https://nvd.nist.gov",
},
],
sources: [
{
db: "CNVD",
id: "CNVD-2019-39561",
},
{
db: "VULHUB",
id: "VHN-67473",
},
{
db: "VULMON",
id: "CVE-2013-7471",
},
{
db: "JVNDB",
id: "JVNDB-2013-006844",
},
{
db: "NVD",
id: "CVE-2013-7471",
},
{
db: "CNNVD",
id: "CNNVD-201906-399",
},
],
},
sources: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
data: {
"@container": "@list",
},
},
data: [
{
db: "CNVD",
id: "CNVD-2019-39561",
},
{
db: "VULHUB",
id: "VHN-67473",
},
{
db: "VULMON",
id: "CVE-2013-7471",
},
{
db: "JVNDB",
id: "JVNDB-2013-006844",
},
{
db: "NVD",
id: "CVE-2013-7471",
},
{
db: "CNNVD",
id: "CNNVD-201906-399",
},
],
},
sources_release_date: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
data: {
"@container": "@list",
},
},
data: [
{
date: "2019-11-07T00:00:00",
db: "CNVD",
id: "CNVD-2019-39561",
},
{
date: "2019-06-11T00:00:00",
db: "VULHUB",
id: "VHN-67473",
},
{
date: "2019-06-11T00:00:00",
db: "VULMON",
id: "CVE-2013-7471",
},
{
date: "2019-06-20T00:00:00",
db: "JVNDB",
id: "JVNDB-2013-006844",
},
{
date: "2019-06-11T21:29:00.397000",
db: "NVD",
id: "CVE-2013-7471",
},
{
date: "2019-06-11T00:00:00",
db: "CNNVD",
id: "CNNVD-201906-399",
},
],
},
sources_update_date: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
data: {
"@container": "@list",
},
},
data: [
{
date: "2019-11-07T00:00:00",
db: "CNVD",
id: "CNVD-2019-39561",
},
{
date: "2019-06-12T00:00:00",
db: "VULHUB",
id: "VHN-67473",
},
{
date: "2021-04-23T00:00:00",
db: "VULMON",
id: "CVE-2013-7471",
},
{
date: "2019-06-20T00:00:00",
db: "JVNDB",
id: "JVNDB-2013-006844",
},
{
date: "2021-04-23T14:20:32.750000",
db: "NVD",
id: "CVE-2013-7471",
},
{
date: "2019-06-13T00:00:00",
db: "CNNVD",
id: "CNNVD-201906-399",
},
],
},
threat_type: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
},
},
data: "remote",
sources: [
{
db: "CNNVD",
id: "CNNVD-201906-399",
},
],
trust: 0.6,
},
title: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
},
},
data: "plural D-Link Command injection vulnerability in the product",
sources: [
{
db: "JVNDB",
id: "JVNDB-2013-006844",
},
],
trust: 0.8,
},
type: {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
sources: {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
},
},
},
data: "command injection",
sources: [
{
db: "CNNVD",
id: "CNNVD-201906-399",
},
],
trust: 0.6,
},
}