Vulnerabilities related to dlink - dir-860l
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
dlink | dir-860l_firmware | * | |
dlink | dir-860l | - | |
dlink | dir-865l_firmware | * | |
dlink | dir-865l | - | |
dlink | dir-868l_firmware | * | |
dlink | dir-868l | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3887A644-753A-4CA3-9D79-0718057EEB3B", versionEndIncluding: "a1_fw110b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", matchCriteriaId: "CCDB9720-8F5A-4F02-A436-920CDAC15D69", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0624940E-9466-40BA-97E4-648537A092C0", versionEndIncluding: "reva_firmware_patch_1.08.b01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*", matchCriteriaId: "F3A853DF-6DF1-4E8E-8D55-95279EE0CB30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE2D4824-B834-41EA-8F70-AF12720030C9", versionEndIncluding: "a1_fw112b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", matchCriteriaId: "33B501D4-BDDD-485E-A5A3-8AA8D5E46061", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted receiver parameter to soap.cgi.", }, { lang: "es", value: "Vulnerabilidad de Cross-Site Scripting (XSS) en htdocs/webinc/body/bsc_sms_send.php en D-Link DIR-868L DIR868LA1_FW112b04 y versiones anteriores; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 y 
versiones anteriores y DIR-860L DIR860LA1_FW110b04 y versiones anteriores permite que atacantes remotos lean una cookie mediante un parámetro receiver manipulado en soap.cgi.", }, ], id: "CVE-2018-6528", lastModified: "2024-11-21T04:10:50.380", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-03-06T20:29:00.843", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: 
"https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://gist.github.com/XiaoCurry/574ed9c2b0d12cd0b45399116d82121c | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.dlink.com/en/security-bulletin/ | Product |
Vendor | Product | Version | |
---|---|---|---|
dlink | dir-860l_firmware | 2.0.3 | |
dlink | dir-860l | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-860l_firmware:2.0.3:*:*:*:*:*:*:*", matchCriteriaId: "7383928C-851B-40C5-914C-83AB9CFD9748", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", matchCriteriaId: "CCDB9720-8F5A-4F02-A436-920CDAC15D69", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.", }, { lang: "es", value: "En D-Link DIR-860L v2.03, existe una vulnerabilidad de desbordamiento del búfer debido a la falta de verificación de longitud para el campo SID en gena.cgi. Los atacantes que explotan con éxito esta vulnerabilidad pueden provocar que el dispositivo de destino remoto falle o ejecute comandos arbitrarios.", }, ], id: "CVE-2024-42812", lastModified: "2024-10-10T20:18:11.100", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-19T20:15:07.070", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://gist.github.com/XiaoCurry/574ed9c2b0d12cd0b45399116d82121c", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://www.dlink.com/en/security-bulletin/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", 
weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
dlink | dir-860l_firmware | * | |
dlink | dir-860l | - | |
dlink | dir-865l_firmware | * | |
dlink | dir-865l | - | |
dlink | dir-868l_firmware | * | |
dlink | dir-868l | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3887A644-753A-4CA3-9D79-0718057EEB3B", versionEndIncluding: "a1_fw110b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", matchCriteriaId: "CCDB9720-8F5A-4F02-A436-920CDAC15D69", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0624940E-9466-40BA-97E4-648537A092C0", versionEndIncluding: "reva_firmware_patch_1.08.b01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*", matchCriteriaId: "F3A853DF-6DF1-4E8E-8D55-95279EE0CB30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE2D4824-B834-41EA-8F70-AF12720030C9", versionEndIncluding: "a1_fw112b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", matchCriteriaId: "33B501D4-BDDD-485E-A5A3-8AA8D5E46061", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted Treturn parameter to soap.cgi.", }, { lang: "es", value: "Vulnerabilidad de Cross-Site Scripting (XSS) en htdocs/webinc/js/bsc_sms_inbox.php en D-Link DIR-868L DIR868LA1_FW112b04 y versiones anteriores; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 y versiones 
anteriores y DIR-860L DIR860LA1_FW110b04 y versiones anteriores permite que atacantes remotos lean una cookie mediante un parámetro Treturn manipulado en soap.cgi.", }, ], id: "CVE-2018-6529", lastModified: "2024-11-21T04:10:50.547", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-03-06T20:29:00.907", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: 
"https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
dlink | dir-818lw_firmware | 2.05.b03 | |
dlink | dir-818lw | - | |
dlink | dir-860l_firmware | 2.03.b03 | |
dlink | dir-860l | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-818lw_firmware:2.05.b03:*:*:*:*:*:*:*", matchCriteriaId: "4349ECC4-5F0F-496C-92E9-39932A40FE8A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-818lw:-:*:*:*:*:*:*:*", matchCriteriaId: "4725FC82-72B5-4EAB-91C6-D32194C5D4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-860l_firmware:2.03.b03:*:*:*:*:*:*:*", matchCriteriaId: "B97322F4-B170-438B-9B20-57D208A2EECF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", matchCriteriaId: "CCDB9720-8F5A-4F02-A436-920CDAC15D69", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an \"&&\" substring in the service parameter. NOTE: this issue exists because of an incomplete fix for CVE-2018-6530.", }, { lang: "es", value: "En los dispositivos DIR-818LW Rev.A 2.05.B03 y DIR-860L Rev.B 2.03.B03 de D-Link, la ejecución remota de comandos del sistema operativo podría ocurrir en el servicio de soap.cgi del binario cgibin mediante una subcadena \"&&\" en el parámetro \"service\". 
NOTA: este problema existe debido a una solución incompleta para CVE-2018-6530.", }, ], id: "CVE-2018-20114", lastModified: "2024-11-21T04:00:53.623", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-02T18:29:01.277", references: [ { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-20114", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-20114", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md | Exploit, Third Party Advisory | |
cve@mitre.org | https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10190 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10190 | Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
dlink | dir-803_firmware | 1.04.b02 | |
dlink | dir-803 | a1 | |
dlink | dir-816l_firmware | 2.06 | |
dlink | dir-816l_firmware | 2.06.b09 | |
dlink | dir-816l | b1 | |
dlink | dir-645_firmware | 1.06b01 | |
dlink | dir-645 | a1 | |
dlink | dir-815_firmware | 2.07.b01 | |
dlink | dir-815 | b1 | |
dlink | dir-860l_firmware | 1.10b04 | |
dlink | dir-860l | a1 | |
dlink | dir-865l_firmware | 1.08b01 | |
dlink | dir-865l | a1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-803_firmware:1.04.b02:*:*:*:*:*:*:*", matchCriteriaId: "8C475766-ADDE-4461-9FDF-FE6332F95DBE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-803:a1:*:*:*:*:*:*:*", matchCriteriaId: "1B033D96-30EC-44EA-B70E-670CEAA0E79F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-816l_firmware:2.06:*:*:*:*:*:*:*", matchCriteriaId: "1817EE29-D782-4A98-A478-20BDA559C5CE", vulnerable: true, }, { criteria: "cpe:2.3:o:dlink:dir-816l_firmware:2.06.b09:beta:*:*:*:*:*:*", matchCriteriaId: "ABE7E66F-20B2-4A39-A845-03E5FBBD9E2A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-816l:b1:*:*:*:*:*:*:*", matchCriteriaId: "637B2D4B-0EA7-4E30-9B2B-77484D701042", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-645_firmware:1.06b01:*:*:*:*:*:*:*", matchCriteriaId: "84706BD1-5AC0-449D-AB20-A81A9A2D4077", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-645:a1:*:*:*:*:*:*:*", matchCriteriaId: "E02F7E04-F6D7-466D-81AD-14591443EBC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-815_firmware:2.07.b01:*:*:*:*:*:*:*", matchCriteriaId: "F38F5A85-E7DC-4ACF-A488-11AC00DE5856", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-815:b1:*:*:*:*:*:*:*", matchCriteriaId: "AA95C491-7895-4410-A9D2-3C7BD2BEB0DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-860l_firmware:1.10b04:*:*:*:*:*:*:*", matchCriteriaId: 
"D84E9E39-D9A6-4370-8D84-6CAE2D02CDFD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-860l:a1:*:*:*:*:*:*:*", matchCriteriaId: "C0FB3DE6-9F8D-485A-8DF3-76FC6C20CB6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-865l_firmware:1.08b01:*:*:*:*:*:*:*", matchCriteriaId: "608124DE-D143-4E95-9DE8-D7A35586361E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-865l:a1:*:*:*:*:*:*:*", matchCriteriaId: "DEC7270B-453D-4D04-90AB-7EBD6DC3D97B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "unsupported-when-assigned", ], }, ], descriptions: [ { lang: "en", value: "webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet Explorer) and because a web page cannot specify that a client should make an additional HTTP request with an arbitrary Referer header", }, { lang: "es", value: "** NO COMPATIBLE CUANDO SE ASIGNÓ ** El archivo webinc/js/info.php en dispositivos D-Link DIR-816L versión 2.06.B09_BETA y DIR-803 versión 1.04.B02, permite un ataque de tipo XSS por medio del encabezado HTTP Referer. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no son compatibles con el mantenedor. 
NOTA: esto típicamente no es explotable debido a la codificación de URL (excepto en Internet Explorer) y porque una página web no puede especificar que un cliente debe realizar una petición HTTP adicional con un encabezado Referer arbitrario", }, ], id: "CVE-2020-25786", lastModified: "2024-11-21T05:18:46.167", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-19T20:15:11.903", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10190", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10190", }, ], 
sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
dlink | dir-860l_firmware | * | |
dlink | dir-860l | - | |
dlink | dir-865l_firmware | * | |
dlink | dir-865l | - | |
dlink | dir-868l_firmware | * | |
dlink | dir-868l | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3887A644-753A-4CA3-9D79-0718057EEB3B", versionEndIncluding: "a1_fw110b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", matchCriteriaId: "CCDB9720-8F5A-4F02-A436-920CDAC15D69", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0624940E-9466-40BA-97E4-648537A092C0", versionEndIncluding: "reva_firmware_patch_1.08.b01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*", matchCriteriaId: "F3A853DF-6DF1-4E8E-8D55-95279EE0CB30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE2D4824-B834-41EA-8F70-AF12720030C9", versionEndIncluding: "a1_fw112b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", matchCriteriaId: "33B501D4-BDDD-485E-A5A3-8AA8D5E46061", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted deviceid parameter to soap.cgi.", }, { lang: "es", value: "Vulnerabilidad de Cross-Site Scripting (XSS) en htdocs/webinc/js/adv_parent_ctrl_map.php en D-Link DIR-868L DIR868LA1_FW112b04 y versiones anteriores; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 
y versiones anteriores y DIR-860L DIR860LA1_FW110b04 y versiones anteriores permite que atacantes remotos lean una cookie mediante un parámetro deviceid manipulado en soap.cgi.", }, ], id: "CVE-2018-6527", lastModified: "2024-11-21T04:10:50.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-03-06T20:29:00.780", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: 
"https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990 | Exploit, Third Party Advisory |
Vendor | Product | Version | |
---|---|---|---|
d-link | dir-818lw_firmware | 2.05.b03 | |
dlink | dir-818lw | - | |
d-link | dir-822_firmware | 202krb06 | |
dlink | dir-822_firmware | 3.10b06 | |
dlink | dir-822 | - | |
d-link | dir-860l_firmware | 2.03.b03 | |
dlink | dir-860l | - | |
d-link | dir-868l_firmware | 2.05b02 | |
dlink | dir-868l | - | |
d-link | dir-880l_firmware | 1.20b01_01_i3se | |
dlink | dir-880l | - | |
d-link | dir-890l\/r_firmware | 1.21b02 | |
dlink | dir-890l\/r | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:d-link:dir-818lw_firmware:2.05.b03:*:*:*:*:*:*:*", matchCriteriaId: "1A1B5838-62C0-4836-861C-8E99DD280154", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-818lw:-:*:*:*:*:*:*:*", matchCriteriaId: "4725FC82-72B5-4EAB-91C6-D32194C5D4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:d-link:dir-822_firmware:202krb06:*:*:*:*:*:*:*", matchCriteriaId: "5224FC0A-44C6-4C4D-8EEC-BBA7BA13DF3D", vulnerable: true, }, { criteria: "cpe:2.3:o:dlink:dir-822_firmware:3.10b06:*:*:*:*:*:*:*", matchCriteriaId: "DB427709-D236-4CA6-851C-95323D53DBEB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*", matchCriteriaId: "B3894F0E-37F8-4A89-87AC-1DB524D4AE04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:d-link:dir-860l_firmware:2.03.b03:*:*:*:*:*:*:*", matchCriteriaId: "54EA5944-7DCB-4D20-894F-D5A291684EAF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", matchCriteriaId: "CCDB9720-8F5A-4F02-A436-920CDAC15D69", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:d-link:dir-868l_firmware:2.05b02:*:*:*:*:*:*:*", matchCriteriaId: "21680BA3-2C38-4E14-97F4-480F5B6EC3FB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", matchCriteriaId: "33B501D4-BDDD-485E-A5A3-8AA8D5E46061", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:d-link:dir-880l_firmware:1.20b01_01_i3se:beta:*:*:*:*:*:*", matchCriteriaId: 
"CFE416FB-A5D4-4383-B1E5-5DB8F93A3233", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*", matchCriteriaId: "CC772491-6371-4712-B358-E74D9C5062FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:d-link:dir-890l\\/r_firmware:1.21b02:beta:*:*:*:*:*:*", matchCriteriaId: "41488604-8598-4929-9F2E-049CBE7B30F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-890l\\/r:-:*:*:*:*:*:*:*", matchCriteriaId: "8F65AC17-E770-4711-9D81-D7D76D5D66BF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the `telnetd` string.", }, { lang: "es", value: "Se descubrió un problema en los dispositivos de D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA, manejan incorrectamente el parámetro IsAccessPoint en el archivo /HNAP1/SetAccessPointMode. En el código fuente SetAccessPointMode.php, el parámetro IsAccessPoint es almacenado en el archivo de script ShellPath sin ninguna comprobación regex. después que se ejecute el archivo de script, se ocurre la inyección de comandos. 
Un mensaje XML vulnerable /HNAP1/SetAccessPointMode podría tener metacaracteres shell en el elemento IsAccessPoint, como la cadena `telnetd`.", }, ], id: "CVE-2018-19987", lastModified: "2024-11-21T03:58:56.823", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-13T14:29:01.207", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
dlink | dir-860l_firmware | * | |
dlink | dir-860l | - | |
dlink | dir-865l_firmware | * | |
dlink | dir-865l | - | |
dlink | dir-868l_firmware | * | |
dlink | dir-868l | - | |
dlink | dir-880l_firmware | * | |
dlink | dir-880l | - |
{ cisaActionDue: "2022-09-29", cisaExploitAdd: "2022-09-08", cisaRequiredAction: "The vendor D-Link published an advisory stating the fix under CVE-2018-20114 properly patches KEV entry CVE-2018-6530. If the device is still supported, apply updates per vendor instructions. If the affected device has since entered its end-of-life, it should be disconnected if still in use.", cisaVulnerabilityName: "D-Link Multiple Routers OS Command Injection Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3887A644-753A-4CA3-9D79-0718057EEB3B", versionEndIncluding: "a1_fw110b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", matchCriteriaId: "CCDB9720-8F5A-4F02-A436-920CDAC15D69", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0624940E-9466-40BA-97E4-648537A092C0", versionEndIncluding: "reva_firmware_patch_1.08.b01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*", matchCriteriaId: "F3A853DF-6DF1-4E8E-8D55-95279EE0CB30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE2D4824-B834-41EA-8F70-AF12720030C9", versionEndIncluding: "a1_fw112b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", matchCriteriaId: "33B501D4-BDDD-485E-A5A3-8AA8D5E46061", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-880l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E9B68DE-D3A7-4973-9D47-7203B2190F82", 
versionEndIncluding: "reva_firmware_patch_1.08b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*", matchCriteriaId: "CC772491-6371-4712-B358-E74D9C5062FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.", }, { lang: "es", value: "Vulnerabilidad de inyección de comandos del sistema operativo en soap.cgi (soapcgi_main en cgibin) en D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 y versiones anteriores, DIR-868L DIR868LA1_FW112b04 y versiones anteriores, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 y versiones anteriores y DIR-860L DIR860LA1_FW110b04 y versiones anteriores permite que atacantes remotos ejecuten comandos arbitrarios del sistema operativo mediante el parámetro service.", }, ], id: "CVE-2018-6530", lastModified: "2025-02-04T21:15:16.167", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 
9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2018-03-06T20:29:00.987", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { 
source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
cve-2018-6528
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T06:10:10.230Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-02-28T00:00:00", descriptions: [ { lang: "en", value: "XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted receiver parameter to soap.cgi.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-03-06T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { tags: [ "x_refsource_MISC", ], url: 
"https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-6528", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted receiver parameter to soap.cgi.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", refsource: "CONFIRM", url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { name: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", refsource: "CONFIRM", url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { name: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", refsource: "MISC", url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { name: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", refsource: "CONFIRM", url: 
"ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-6528", datePublished: "2018-03-06T20:00:00", dateReserved: "2018-02-02T00:00:00", dateUpdated: "2024-08-05T06:10:10.230Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-6527
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T06:10:10.079Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-02-28T00:00:00", descriptions: [ { lang: "en", value: "XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted deviceid parameter to soap.cgi.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-03-06T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { tags: [ "x_refsource_MISC", ], url: 
"https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-6527", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted deviceid parameter to soap.cgi.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", refsource: "CONFIRM", url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { name: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", refsource: "CONFIRM", url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { name: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", refsource: "MISC", url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { name: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", refsource: "CONFIRM", url: 
"ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-6527", datePublished: "2018-03-06T20:00:00", dateReserved: "2018-02-02T00:00:00", dateUpdated: "2024-08-05T06:10:10.079Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-42812
Vulnerability from cvelistv5
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "dir-860l_firmware", vendor: "dlink", versions: [ { status: "affected", version: "v2.03", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-42812", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-20T14:21:45.012606Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-20T14:27:04.537Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-19T19:12:29.673208", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.dlink.com/en/security-bulletin/", }, { url: "https://gist.github.com/XiaoCurry/574ed9c2b0d12cd0b45399116d82121c", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-42812", datePublished: "2024-08-19T00:00:00", dateReserved: "2024-08-05T00:00:00", dateUpdated: "2024-08-20T14:27:04.537Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-6530
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T06:10:10.174Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2018-6530", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T20:36:36.248676Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-09-08", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-6530", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: 
"en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-04T20:36:49.671Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-02-28T00:00:00.000Z", descriptions: [ { lang: "en", value: "OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-03-06T19:57:01.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-6530", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { 
version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", refsource: "CONFIRM", url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { name: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", refsource: "CONFIRM", url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { name: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", refsource: "MISC", url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { name: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", refsource: "CONFIRM", url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, { name: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf", refsource: "CONFIRM", url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf", }, ], }, 
}, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-6530", datePublished: "2018-03-06T20:00:00.000Z", dateReserved: "2018-02-02T00:00:00.000Z", dateUpdated: "2025-02-04T20:36:49.671Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-20114
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-20114 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:51:19.206Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-20114", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-12-31T00:00:00", descriptions: [ { lang: "en", value: "On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an \"&&\" substring in the service parameter. NOTE: this issue exists because of an incomplete fix for CVE-2018-6530.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-01-02T17:57:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-20114", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20114", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an \"&&\" substring in the service parameter. 
NOTE: this issue exists because of an incomplete fix for CVE-2018-6530.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-20114", refsource: "MISC", url: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-20114", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-20114", datePublished: "2019-01-02T18:00:00", dateReserved: "2018-12-12T00:00:00", dateUpdated: "2024-08-05T11:51:19.206Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-6529
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T06:10:10.135Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-02-28T00:00:00", descriptions: [ { lang: "en", value: "XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted Treturn parameter to soap.cgi.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-03-06T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { tags: [ "x_refsource_MISC", ], url: 
"https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-6529", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted Treturn parameter to soap.cgi.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", refsource: "CONFIRM", url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf", }, { name: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", refsource: "CONFIRM", url: "ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf", }, { name: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", refsource: "MISC", url: "https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto", }, { name: "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", refsource: "CONFIRM", url: 
"ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-6529", datePublished: "2018-03-06T20:00:00", dateReserved: "2018-02-02T00:00:00", dateUpdated: "2024-08-05T06:10:10.135Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-25786
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10190 | x_refsource_MISC | |
https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T15:40:36.997Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10190", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet Explorer) and because a web page cannot specify that a client should make an additional HTTP request with an arbitrary Referer header", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-19T19:24:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10190", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md", }, ], tags: [ "unsupported-when-assigned", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-25786", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** 
UNSUPPORTED WHEN ASSIGNED ** webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet Explorer) and because a web page cannot specify that a client should make an additional HTTP request with an arbitrary Referer header.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10190", refsource: "MISC", url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10190", }, { name: "https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md", refsource: "MISC", url: "https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-25786", datePublished: "2020-09-19T19:24:09", dateReserved: "2020-09-19T00:00:00", dateUpdated: "2024-08-04T15:40:36.997Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-19987
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:51:17.881Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the `telnetd` string.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-13T13:23:33", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-19987", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L 
Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the `telnetd` string.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990", refsource: "MISC", url: "https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-19987", datePublished: "2019-05-13T13:23:33", dateReserved: "2018-12-09T00:00:00", dateUpdated: "2024-08-05T11:51:17.881Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-201901-1432
Vulnerability from variot
On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter. NOTE: this issue exists because of an incomplete fix for CVE-2018-6530. D-Link DIR-818LW and DIR-860L devices contain an OS command injection vulnerability, which is due to an incomplete fix for CVE-2018-6530. Information may be obtained or altered, and service operation may be disrupted (DoS). D-Link DIR-818LW Rev.A and DIR-860L Rev.B are both D-Link wireless router products.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201901-1432", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "dir-818lw", scope: "eq", trust: 1, vendor: "dlink", version: "2.05.b03", }, { model: "dir-860l", scope: "eq", trust: 1, vendor: "dlink", version: "2.03.b03", }, { model: "dir-818l", scope: "eq", trust: 0.8, vendor: "d link", version: "rev.a 2.05.b03", }, { model: "dir-860l", 
scope: "eq", trust: 0.8, vendor: "d link", version: "rev.b 2.03.b03", }, { model: "dir-818lw rev.a 2.05.b03", scope: null, trust: 0.6, vendor: "d link", version: null, }, { model: "dir-860l rev.b 2.03.b03", scope: null, trust: 0.6, vendor: "d link", version: null, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-02503", }, { db: "JVNDB", id: "JVNDB-2018-013628", }, { db: "NVD", id: "CVE-2018-20114", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-818lw_firmware:2.05.b03:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-818lw:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-860l_firmware:2.03.b03:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2018-20114", }, ], }, cve: "CVE-2018-20114", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { 
"@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 10, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2018-20114", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-02503", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", 
baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2018-20114", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2018-20114", trust: 1.8, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2019-02503", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201901-027", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2018-20114", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2019-02503", }, { db: "VULMON", id: "CVE-2018-20114", }, { db: "JVNDB", id: "JVNDB-2018-013628", }, { db: "NVD", id: "CVE-2018-20114", }, { db: "CNNVD", id: "CNNVD-201901-027", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an \"&&\" substring in the service parameter. NOTE: this issue exists because of an incomplete fix for CVE-2018-6530. D-Link DIR-818LW and DIR-860L The device includes OS A command injection vulnerability exists. This vulnerability CVE-2018-6530 This is due to an incomplete fix for.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. 
D-LinkDIR-818LWRev.A and DIR-860LRev.B are both D-Link wireless router products", sources: [ { db: "NVD", id: "CVE-2018-20114", }, { db: "JVNDB", id: "JVNDB-2018-013628", }, { db: "CNVD", id: "CNVD-2019-02503", }, { db: "VULMON", id: "CVE-2018-20114", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-20114", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2018-013628", trust: 0.8, }, { db: "CNVD", id: "CNVD-2019-02503", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201901-027", trust: 0.6, }, { db: "VULMON", id: "CVE-2018-20114", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-02503", }, { db: "VULMON", id: "CVE-2018-20114", }, { db: "JVNDB", id: "JVNDB-2018-013628", }, { db: "NVD", id: "CVE-2018-20114", }, { db: "CNNVD", id: "CNNVD-201901-027", }, ], }, id: "VAR-201901-1432", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2019-02503", }, ], trust: 1.383991215, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-02503", }, ], }, last_update_date: "2023-12-18T13:48:02.283000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "http://www.dlink.lt/en/", }, { title: 
"FirmAE", trust: 0.1, url: "https://github.com/pr0v3rbs/firmae ", }, ], sources: [ { db: "VULMON", id: "CVE-2018-20114", }, { db: "JVNDB", id: "JVNDB-2018-013628", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-78", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-013628", }, { db: "NVD", id: "CVE-2018-20114", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "https://github.com/pr0v3rbs/cve/tree/master/cve-2018-20114", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-20114", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20114", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/78.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/pr0v3rbs/firmae", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-02503", }, { db: "VULMON", id: "CVE-2018-20114", }, { db: "JVNDB", id: "JVNDB-2018-013628", }, { db: "NVD", id: "CVE-2018-20114", }, { db: "CNNVD", id: "CNNVD-201901-027", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2019-02503", }, { db: "VULMON", id: "CVE-2018-20114", }, { db: "JVNDB", id: "JVNDB-2018-013628", }, { db: "NVD", id: "CVE-2018-20114", }, { db: "CNNVD", id: "CNNVD-201901-027", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-01-23T00:00:00", db: "CNVD", id: "CNVD-2019-02503", }, { date: "2019-01-02T00:00:00", db: "VULMON", id: 
"CVE-2018-20114", }, { date: "2019-02-27T00:00:00", db: "JVNDB", id: "JVNDB-2018-013628", }, { date: "2019-01-02T18:29:01.277000", db: "NVD", id: "CVE-2018-20114", }, { date: "2019-01-03T00:00:00", db: "CNNVD", id: "CNNVD-201901-027", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-01-23T00:00:00", db: "CNVD", id: "CNVD-2019-02503", }, { date: "2021-04-23T00:00:00", db: "VULMON", id: "CVE-2018-20114", }, { date: "2019-02-27T00:00:00", db: "JVNDB", id: "JVNDB-2018-013628", }, { date: "2021-04-23T15:32:49.340000", db: "NVD", id: "CVE-2018-20114", }, { date: "2021-04-25T00:00:00", db: "CNNVD", id: "CNNVD-201901-027", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201901-027", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "D-Link DIR-818LW and DIR-860L In the device OS Command injection vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2018-013628", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "operating system commend injection", sources: [ { db: "CNNVD", id: "CNNVD-201901-027", }, ], trust: 0.6, }, }
var-201803-1767
Vulnerability from variot
XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted receiver parameter to soap.cgi. D-Link DIR-868L, DIR-865L, and DIR-860L contain a cross-site scripting vulnerability. Information may be obtained and information may be altered. D-Link DIR-868L and the others are all wireless router products of D-Link. A cross-site scripting vulnerability exists in the htdocs/webinc/body/bsc_sms_send.php file in D-Link DIR-868L, DIR-865L, and DIR-860L. The following products and versions are affected: D-Link DIR-868L DIR868LA1_FW112b04 and earlier; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L DIR860LA1_FW110b04 and earlier.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201803-1767", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "dir-860l", scope: "lte", trust: 1, vendor: "dlink", version: "a1_fw110b04", }, { model: "dir-868l", scope: "lte", trust: 1, vendor: "dlink", version: "a1_fw112b04", }, { model: "dir-865l", scope: "lte", trust: 1, vendor: "dlink", version: "reva_firmware_patch_1.08.b01", }, { 
model: "dir-860l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir860la1_fw110b04", }, { model: "dir-865l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir-865l_reva_firmware_patch_1.08.b01", }, { model: "dir-868l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir868la1_fw112b04", }, { model: "dir-868l <=dir868la1 fw112b04", scope: null, trust: 0.6, vendor: "345 217 213 350 256 257 347 247 221 346 212 200", version: null, }, { model: "dir-865l <=dir-865l reva patch 1.08.b01", scope: null, trust: 0.6, vendor: "345 217 213 350 256 257 347 247 221 346 212 200", version: null, }, { model: "dir-860l <=dir860la1 fw110b04", scope: null, trust: 0.6, vendor: "345 217 213 350 256 257 347 247 221 346 212 200", version: null, }, { model: "dir-860l", scope: "eq", trust: 0.6, vendor: "d link", version: "a1_fw110b04", }, { model: "dir-865l", scope: "eq", trust: 0.6, vendor: "d link", version: "reva_firmware_patch_1.08.b01", }, { model: "dir-868l", scope: "eq", trust: 0.6, vendor: "d link", version: "a1_fw112b04", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06629", }, { db: "JVNDB", id: "JVNDB-2018-002679", }, { db: "NVD", id: "CVE-2018-6528", }, { db: "CNNVD", id: "CNNVD-201803-151", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "a1_fw110b04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: 
"cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "reva_firmware_patch_1.08.b01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "a1_fw112b04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2018-6528", }, ], }, cve: "CVE-2018-6528", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: true, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: 
"Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 4.3, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2018-6528", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CNVD-2018-06629", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-136560", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2018-6528", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: 
"3.0", }, ], severity: [ { author: "NVD", id: "CVE-2018-6528", trust: 1.8, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2018-06629", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201803-151", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-136560", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06629", }, { db: "VULHUB", id: "VHN-136560", }, { db: "JVNDB", id: "JVNDB-2018-002679", }, { db: "NVD", id: "CVE-2018-6528", }, { db: "CNNVD", id: "CNNVD-201803-151", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted receiver parameter to soap.cgi. D-Link DIR-868L , DIR-865L ,and DIR-860L Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. D-LinkDIR-868L and others are all wireless router products of D-Link. A cross-site scripting vulnerability exists in the htdocs/webinc/body/bsc_sms_send.php file in D-LinkDIR-868L, DIR-865L, and DIR-860L. D-Link DIR-868L, etc. 
The following products and versions are affected: D-Link DIR-868L DIR868LA1_FW112b04 and earlier; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L DIR860LA1_FW110b04 and earlier", sources: [ { db: "NVD", id: "CVE-2018-6528", }, { db: "JVNDB", id: "JVNDB-2018-002679", }, { db: "CNVD", id: "CNVD-2018-06629", }, { db: "VULHUB", id: "VHN-136560", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-6528", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2018-002679", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201803-151", trust: 0.7, }, { db: "CNVD", id: "CNVD-2018-06629", trust: 0.6, }, { db: "VULHUB", id: "VHN-136560", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06629", }, { db: "VULHUB", id: "VHN-136560", }, { db: "JVNDB", id: "JVNDB-2018-002679", }, { db: "NVD", id: "CVE-2018-6528", }, { db: "CNNVD", id: "CNNVD-201803-151", }, ], }, id: "VAR-201803-1767", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2018-06629", }, { db: "VULHUB", id: "VHN-136560", }, ], trust: 1.5752999514285713, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06629", }, ], }, last_update_date: "2023-12-18T13:19:10.493000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "DIR-860L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-860l/reva/dir-860l_reva_firmware_patch_notes_1.11b01_en_ww.pdf", }, { title: "DIR-865L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-865l/reva/dir-865l_reva_firmware_patch_notes_1.10b01_en_ww.pdf", }, { title: "DIR-868L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-868l/reva/dir-868l_reva_firmware_patch_notes_1.20b01_en_ww.pdf", }, { title: "Patch for D-LinkDIR Series Cross-Site Scripting Vulnerability (CVE-2018-6528)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/124013", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06629", }, { db: "JVNDB", id: "JVNDB-2018-002679", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-136560", }, { db: "JVNDB", id: "JVNDB-2018-002679", }, { db: "NVD", id: "CVE-2018-6528", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://github.com/thebeeman/pwning-multiple-dlink-router-via-soap-proto", }, { trust: 1.1, url: "ftp://ftp2.dlink.com/security_advisements/dir-860l/reva/dir-860l_reva_firmware_patch_notes_1.11b01_en_ww.pdf", }, { trust: 1.1, url: "ftp://ftp2.dlink.com/security_advisements/dir-868l/reva/dir-868l_reva_firmware_patch_notes_1.20b01_en_ww.pdf", }, { trust: 1.1, url: "ftp://ftp2.dlink.com/security_advisements/dir-865l/reva/dir-865l_reva_firmware_patch_notes_1.10b01_en_ww.pdf", }, { trust: 0.8, 
url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6528", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2018-6528", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06629", }, { db: "VULHUB", id: "VHN-136560", }, { db: "JVNDB", id: "JVNDB-2018-002679", }, { db: "NVD", id: "CVE-2018-6528", }, { db: "CNNVD", id: "CNNVD-201803-151", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2018-06629", }, { db: "VULHUB", id: "VHN-136560", }, { db: "JVNDB", id: "JVNDB-2018-002679", }, { db: "NVD", id: "CVE-2018-6528", }, { db: "CNNVD", id: "CNNVD-201803-151", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-03-29T00:00:00", db: "CNVD", id: "CNVD-2018-06629", }, { date: "2018-03-06T00:00:00", db: "VULHUB", id: "VHN-136560", }, { date: "2018-04-24T00:00:00", db: "JVNDB", id: "JVNDB-2018-002679", }, { date: "2018-03-06T20:29:00.843000", db: "NVD", id: "CVE-2018-6528", }, { date: "2018-03-07T00:00:00", db: "CNNVD", id: "CNNVD-201803-151", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-03-29T00:00:00", db: "CNVD", id: "CNVD-2018-06629", }, { date: "2018-03-27T00:00:00", db: "VULHUB", id: "VHN-136560", }, { date: "2018-04-24T00:00:00", db: "JVNDB", id: "JVNDB-2018-002679", }, { date: "2023-11-08T21:18:30.427000", db: "NVD", id: "CVE-2018-6528", }, { date: "2023-04-27T00:00:00", db: "CNNVD", id: "CNNVD-201803-151", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201803-151", }, ], trust: 0.6, }, title: { "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural D-Link Product cross-site scripting vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2018-002679", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-201803-151", }, ], trust: 0.6, }, }
var-202009-0817
Vulnerability from variot
webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet Explorer) and because a web page cannot specify that a client should make an additional HTTP request with an arbitrary Referer header. The D-Link DIR-816L and DIR-816 are both wireless routers made by D-Link, a company based in Taiwan. No detailed vulnerability information is currently provided.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202009-0817", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "dir-816l", scope: "eq", trust: 1, vendor: "dlink", version: "2.06", }, { model: "dir-645", scope: "eq", trust: 1, vendor: "dlink", version: "1.06b01", }, { model: "dir-860l", scope: "eq", trust: 1, vendor: "dlink", version: "1.10b04", }, { model: "dir-803", scope: "eq", trust: 1, 
vendor: "dlink", version: "1.04.b02", }, { model: "dir-815", scope: "eq", trust: 1, vendor: "dlink", version: "2.07.b01", }, { model: "dir-816l", scope: "eq", trust: 1, vendor: "dlink", version: "2.06.b09", }, { model: "dir-865l", scope: "eq", trust: 1, vendor: "dlink", version: "1.08b01", }, { model: "dir-803 1.04.b02", scope: null, trust: 0.6, vendor: "d link", version: null, }, { model: "dir-816l 2.06.b09 beta", scope: null, trust: 0.6, vendor: "d link", version: null, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-59764", }, { db: "NVD", id: "CVE-2020-25786", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-803_firmware:1.04.b02:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-803:a1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-816l_firmware:2.06:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:dlink:dir-816l_firmware:2.06.b09:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-816l:b1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-645_firmware:1.06b01:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-645:a1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: 
[], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-815_firmware:2.07.b01:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-815:b1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-860l_firmware:1.10b04:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-860l:a1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-865l_firmware:1.08b01:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-865l:a1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-25786", }, ], }, cve: "CVE-2020-25786", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 
4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: true, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CNVD-2020-59764", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULMON", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2020-25786", impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "MEDIUM", trust: 0.1, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, ], severity: [ { author: "NVD", id: "CVE-2020-25786", trust: 1, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2020-59764", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202009-1261", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-25786", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-59764", }, { db: "VULMON", id: "CVE-2020-25786", }, { db: 
"CNNVD", id: "CNNVD-202009-1261", }, { db: "NVD", id: "CVE-2020-25786", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet Explorer) and because a web page cannot specify that a client should make an additional HTTP request with an arbitrary Referer header. D-Link DIR-816L and DIR-816 are both wireless routers of D-Link company in Taiwan. No detailed vulnerability details are currently provided", sources: [ { db: "NVD", id: "CVE-2020-25786", }, { db: "CNVD", id: "CNVD-2020-59764", }, { db: "VULMON", id: "CVE-2020-25786", }, ], trust: 1.53, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-25786", trust: 2.3, }, { db: "DLINK", id: "SAP10190", trust: 1.7, }, { db: "CNVD", id: "CNVD-2020-59764", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202009-1261", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-25786", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-59764", }, { db: "VULMON", id: "CVE-2020-25786", }, { db: "CNNVD", id: "CNNVD-202009-1261", }, { db: "NVD", id: "CVE-2020-25786", }, ], }, id: "VAR-202009-0817", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-59764", }, ], trust: 1.28161163, }, iot_taxonomy: { "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-59764", }, ], }, last_update_date: "2024-05-17T23:12:39.331000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for D-Link DIR-816L and DIR-803 cross-site scripting vulnerabilities", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/237805", }, { title: "D-Link DIR-816L and DIR-803 Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=128929", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-59764", }, { db: "CNNVD", id: "CNNVD-202009-1261", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2020-25786", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://github.com/sek1th/iot/blob/master/dir-816l_xss.md", }, { trust: 1.7, url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10190", }, { trust: 1.2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25786", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/79.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: 
"CNVD-2020-59764", }, { db: "VULMON", id: "CVE-2020-25786", }, { db: "CNNVD", id: "CNNVD-202009-1261", }, { db: "NVD", id: "CVE-2020-25786", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-59764", }, { db: "VULMON", id: "CVE-2020-25786", }, { db: "CNNVD", id: "CNNVD-202009-1261", }, { db: "NVD", id: "CVE-2020-25786", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-09-24T00:00:00", db: "CNVD", id: "CNVD-2020-59764", }, { date: "2020-09-19T00:00:00", db: "VULMON", id: "CVE-2020-25786", }, { date: "2020-09-19T00:00:00", db: "CNNVD", id: "CNNVD-202009-1261", }, { date: "2020-09-19T20:15:11.903000", db: "NVD", id: "CVE-2020-25786", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-11-01T00:00:00", db: "CNVD", id: "CNVD-2020-59764", }, { date: "2021-04-23T00:00:00", db: "VULMON", id: "CVE-2020-25786", }, { date: "2020-10-09T00:00:00", db: "CNNVD", id: "CNNVD-202009-1261", }, { date: "2024-05-17T01:46:24", db: "NVD", id: "CVE-2020-25786", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202009-1261", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "D-Link DIR-816L and DIR-803 cross-site scripting vulnerabilities", sources: [ { db: "CNVD", id: "CNVD-2020-59764", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { 
"@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202009-1261", }, ], trust: 0.6, }, }
var-201803-1769
Vulnerability from variot
OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter. Multiple D-Link products contain an OS command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The D-Link DIR-880L and the other listed models are all wireless router products of D-Link. An operating system command injection vulnerability exists in the soap.cgi file in several D-Link products. A remote attacker can exploit this vulnerability to execute arbitrary operating system commands via the 'service' parameter. The following products and versions are affected: DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and earlier; DIR-868L DIR868LA1_FW112b04 and earlier; DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L DIR860LA1_FW110b04 and earlier.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201803-1769", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "dir-860l", scope: "lte", trust: 1, vendor: "dlink", version: "a1_fw110b04", }, { model: "dir-868l", scope: "lte", trust: 1, vendor: "dlink", version: "a1_fw112b04", }, { model: "dir-865l", scope: "lte", trust: 1, vendor: "dlink", version: "reva_firmware_patch_1.08.b01", }, { 
model: "dir-880l", scope: "lte", trust: 1, vendor: "dlink", version: "reva_firmware_patch_1.08b04", }, { model: "dir-860l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir860la1_fw110b04", }, { model: "dir-865l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir-865l_reva_firmware_patch_1.08.b01", }, { model: "dir-868l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir868la1_fw112b04", }, { model: "dir-880l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir-880l_reva_firmware_patch_1.08b04", }, { model: "dir-880l <dir-880l reva patch 1.08b04", scope: null, trust: 0.6, vendor: "d link", version: null, }, { model: "dir-860l <=dir860la1 fw110b04", scope: null, trust: 0.6, vendor: "d link", version: null, }, { model: "dir-865l <=dir-865l reva patch 1.08.b01", scope: null, trust: 0.6, vendor: "d link", version: null, }, { model: "dir-860l", scope: "eq", trust: 0.6, vendor: "d link", version: "a1_fw110b04", }, { model: "dir-865l", scope: "eq", trust: 0.6, vendor: "d link", version: "reva_firmware_patch_1.08.b01", }, { model: "dir-868l", scope: "eq", trust: 0.6, vendor: "d link", version: "a1_fw112b04", }, { model: "dir-880l", scope: "eq", trust: 0.6, vendor: "d link", version: "reva_firmware_patch_1.08b04", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06671", }, { db: "JVNDB", id: "JVNDB-2018-002681", }, { db: "NVD", id: "CVE-2018-6530", }, { db: "CNNVD", id: "CNNVD-201803-149", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "a1_fw110b04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: 
"cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "reva_firmware_patch_1.08.b01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "a1_fw112b04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-880l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "reva_firmware_patch_1.08b04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2018-6530", }, ], }, cve: "CVE-2018-6530", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: true, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 10, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2018-6530", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2018-06671", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "VHN-136562", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", 
exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2018-6530", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2018-6530", trust: 1.8, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2018-06671", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201803-149", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-136562", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2018-6530", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06671", }, { db: "VULHUB", id: "VHN-136562", }, { db: "VULMON", id: "CVE-2018-6530", }, { db: "JVNDB", id: "JVNDB-2018-002681", }, { db: "NVD", id: "CVE-2018-6530", }, { db: "CNNVD", id: "CNNVD-201803-149", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter. 
plural D-Link The product includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-880L and others are all wireless router products of D-Link. An operating system command injection vulnerability exists in the soap.cgi file in several D-Link products. A remote attacker can exploit this vulnerability to execute arbitrary operating system commands with the help of the \\342\\200\\230service\\342\\200\\231 parameter. The following products and versions are affected: DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and earlier; DIR-868L DIR868LA1_FW112b04 and earlier; DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L and earlier DIR410b_ ", sources: [ { db: "NVD", id: "CVE-2018-6530", }, { db: "JVNDB", id: "JVNDB-2018-002681", }, { db: "CNVD", id: "CNVD-2018-06671", }, { db: "VULHUB", id: "VHN-136562", }, { db: "VULMON", id: "CVE-2018-6530", }, ], trust: 2.34, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-6530", trust: 3.2, }, { db: "JVNDB", id: "JVNDB-2018-002681", trust: 0.8, }, { db: "CNVD", id: "CNVD-2018-06671", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201803-149", trust: 0.6, }, { db: "VULHUB", id: "VHN-136562", trust: 0.1, }, { db: "VULMON", id: "CVE-2018-6530", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06671", }, { db: "VULHUB", id: "VHN-136562", }, { db: "VULMON", id: "CVE-2018-6530", }, { db: "JVNDB", id: "JVNDB-2018-002681", }, { db: "NVD", id: "CVE-2018-6530", }, { db: "CNNVD", id: "CNNVD-201803-149", }, ], }, id: "VAR-201803-1769", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2018-06671", }, { db: "VULHUB", id: "VHN-136562", }, ], trust: 1.525419932, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06671", }, ], }, last_update_date: "2023-12-18T12:02:27.752000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "DIR-860L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-860l/reva/dir-860l_reva_firmware_patch_notes_1.11b01_en_ww.pdf", }, { title: "DIR-865L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-865l/reva/dir-865l_reva_firmware_patch_notes_1.10b01_en_ww.pdf", }, { title: "DIR-868L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-868l/reva/dir-868l_reva_firmware_patch_notes_1.20b01_en_ww.pdf", }, { title: "DIR-880L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-880l/reva/dir-880l_reva_firmware_patch_notes_1.08b06_en_ww.pdf", }, { title: "Patches for multiple D-Link product operating system command injection vulnerabilities", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/124231", }, { title: "", trust: 0.1, url: "https://github.com/thebeeman/pwning-multiple-dlink-router-via-soap-proto ", }, { title: "EQUAFL_setup\nUSAGE\nEQUAFL++\nAFLPlusplus\nServer\nCOMMAND INJECTION INFO\nroot cause analysis", trust: 0.1, url: "https://github.com/zyw-200/equafl_setup ", }, ], sources: [ { db: "CNVD", id: 
"CNVD-2018-06671", }, { db: "VULMON", id: "CVE-2018-6530", }, { db: "JVNDB", id: "JVNDB-2018-002681", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-78", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-136562", }, { db: "JVNDB", id: "JVNDB-2018-002681", }, { db: "NVD", id: "CVE-2018-6530", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "https://github.com/thebeeman/pwning-multiple-dlink-router-via-soap-proto", }, { trust: 1.2, url: "ftp://ftp2.dlink.com/security_advisements/dir-860l/reva/dir-860l_reva_firmware_patch_notes_1.11b01_en_ww.pdf", }, { trust: 1.2, url: "ftp://ftp2.dlink.com/security_advisements/dir-868l/reva/dir-868l_reva_firmware_patch_notes_1.20b01_en_ww.pdf", }, { trust: 1.2, url: "ftp://ftp2.dlink.com/security_advisements/dir-865l/reva/dir-865l_reva_firmware_patch_notes_1.10b01_en_ww.pdf", }, { trust: 1.2, url: "ftp://ftp2.dlink.com/security_advisements/dir-880l/reva/dir-880l_reva_firmware_patch_notes_1.08b06_en_ww.pdf", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6530", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2018-6530", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/78.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/zyw-200/equafl_setup", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06671", }, { db: "VULHUB", id: "VHN-136562", }, { db: "VULMON", id: "CVE-2018-6530", }, { db: "JVNDB", id: "JVNDB-2018-002681", }, { db: "NVD", id: "CVE-2018-6530", }, { db: "CNNVD", id: "CNNVD-201803-149", }, ], }, sources: { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2018-06671", }, { db: "VULHUB", id: "VHN-136562", }, { db: "VULMON", id: "CVE-2018-6530", }, { db: "JVNDB", id: "JVNDB-2018-002681", }, { db: "NVD", id: "CVE-2018-6530", }, { db: "CNNVD", id: "CNNVD-201803-149", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-03-29T00:00:00", db: "CNVD", id: "CNVD-2018-06671", }, { date: "2018-03-06T00:00:00", db: "VULHUB", id: "VHN-136562", }, { date: "2018-03-06T00:00:00", db: "VULMON", id: "CVE-2018-6530", }, { date: "2018-04-24T00:00:00", db: "JVNDB", id: "JVNDB-2018-002681", }, { date: "2018-03-06T20:29:00.987000", db: "NVD", id: "CVE-2018-6530", }, { date: "2018-03-07T00:00:00", db: "CNNVD", id: "CNNVD-201803-149", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-03-29T00:00:00", db: "CNVD", id: "CNVD-2018-06671", }, { date: "2018-03-27T00:00:00", db: "VULHUB", id: "VHN-136562", }, { date: "2023-11-08T00:00:00", db: "VULMON", id: "CVE-2018-6530", }, { date: "2018-04-24T00:00:00", db: "JVNDB", id: "JVNDB-2018-002681", }, { date: "2023-11-08T21:19:01.743000", db: "NVD", id: "CVE-2018-6530", }, { date: "2023-04-27T00:00:00", db: "CNNVD", id: "CNNVD-201803-149", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201803-149", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural D-Link In product OS Command injection 
vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2018-002681", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "operating system command injection", sources: [ { db: "CNNVD", id: "CNNVD-201803-149", }, ], trust: 0.6, }, }
var-201803-1768
Vulnerability from variot
XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted Treturn parameter to soap.cgi. D-Link DIR-868L, DIR-865L, and DIR-860L contain a cross-site scripting vulnerability. Information may be obtained and information may be altered. The D-Link DIR-868L and the other listed models are all wireless router products of D-Link. A cross-site scripting vulnerability exists in the htdocs/webinc/js/bsc_sms_inbox.php file in D-Link DIR-868L, DIR-865L, and DIR-860L. The following products and versions are affected: D-Link DIR-868L DIR868LA1_FW112b04 and earlier; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L DIR860LA1_FW110b04 and earlier. The patch section of the record below lists D-Link firmware patch notes for all three models.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201803-1768", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "dir-860l", scope: "lte", trust: 1, vendor: "dlink", version: "a1_fw110b04", }, { model: "dir-868l", scope: "lte", trust: 1, vendor: "dlink", version: "a1_fw112b04", }, { model: "dir-865l", scope: "lte", trust: 1, vendor: "dlink", version: "reva_firmware_patch_1.08.b01", }, { 
model: "dir-860l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir860la1_fw110b04", }, { model: "dir-865l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir-865l_reva_firmware_patch_1.08.b01", }, { model: "dir-868l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir868la1_fw112b04", }, { model: "dir-868l <=dir868la1 fw112b04", scope: null, trust: 0.6, vendor: "345 217 213 350 256 257 347 247 221 346 212 200", version: null, }, { model: "dir-865l <=dir-865l reva patch 1.08.b01", scope: null, trust: 0.6, vendor: "345 217 213 350 256 257 347 247 221 346 212 200", version: null, }, { model: "dir-860l <=dir860la1 fw110b04", scope: null, trust: 0.6, vendor: "345 217 213 350 256 257 347 247 221 346 212 200", version: null, }, { model: "dir-860l", scope: "eq", trust: 0.6, vendor: "d link", version: "a1_fw110b04", }, { model: "dir-865l", scope: "eq", trust: 0.6, vendor: "d link", version: "reva_firmware_patch_1.08.b01", }, { model: "dir-868l", scope: "eq", trust: 0.6, vendor: "d link", version: "a1_fw112b04", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06597", }, { db: "JVNDB", id: "JVNDB-2018-002680", }, { db: "NVD", id: "CVE-2018-6529", }, { db: "CNNVD", id: "CNNVD-201803-150", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "a1_fw110b04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: 
"cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "reva_firmware_patch_1.08.b01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "a1_fw112b04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2018-6529", }, ], }, cve: "CVE-2018-6529", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: true, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: 
"Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 4.3, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2018-6529", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CNVD-2018-06597", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-136561", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2018-6529", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: 
"3.0", }, ], severity: [ { author: "NVD", id: "CVE-2018-6529", trust: 1.8, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2018-06597", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201803-150", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-136561", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2018-6529", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06597", }, { db: "VULHUB", id: "VHN-136561", }, { db: "VULMON", id: "CVE-2018-6529", }, { db: "JVNDB", id: "JVNDB-2018-002680", }, { db: "NVD", id: "CVE-2018-6529", }, { db: "CNNVD", id: "CNNVD-201803-150", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted Treturn parameter to soap.cgi. D-Link DIR-868L , DIR-865L ,and DIR-860L Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. D-LinkDIR-868L and others are all wireless router products of D-Link. A cross-site scripting vulnerability exists in the htdocs/webinc/js/bsc_sms_inbox.php file in D-LinkDIR-868L, DIR-865L, and DIR-860L. D-Link DIR-868L, etc. 
The following products and versions are affected: D-Link DIR-868L DIR868LA1_FW112b04 and earlier; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L DIR860LA1_FW110b04 and earlier", sources: [ { db: "NVD", id: "CVE-2018-6529", }, { db: "JVNDB", id: "JVNDB-2018-002680", }, { db: "CNVD", id: "CNVD-2018-06597", }, { db: "VULHUB", id: "VHN-136561", }, { db: "VULMON", id: "CVE-2018-6529", }, ], trust: 2.34, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-6529", trust: 3.2, }, { db: "JVNDB", id: "JVNDB-2018-002680", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201803-150", trust: 0.7, }, { db: "CNVD", id: "CNVD-2018-06597", trust: 0.6, }, { db: "VULHUB", id: "VHN-136561", trust: 0.1, }, { db: "VULMON", id: "CVE-2018-6529", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06597", }, { db: "VULHUB", id: "VHN-136561", }, { db: "VULMON", id: "CVE-2018-6529", }, { db: "JVNDB", id: "JVNDB-2018-002680", }, { db: "NVD", id: "CVE-2018-6529", }, { db: "CNNVD", id: "CNNVD-201803-150", }, ], }, id: "VAR-201803-1768", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2018-06597", }, { db: "VULHUB", id: "VHN-136561", }, ], trust: 1.5752999514285713, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06597", }, ], }, last_update_date: "2023-12-18T12:18:59.676000Z", patch: { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "DIR-860L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-860l/reva/dir-860l_reva_firmware_patch_notes_1.11b01_en_ww.pdf", }, { title: "DIR-865L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-865l/reva/dir-865l_reva_firmware_patch_notes_1.10b01_en_ww.pdf", }, { title: "DIR-868L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-868l/reva/dir-868l_reva_firmware_patch_notes_1.20b01_en_ww.pdf", }, { title: "Patch for D-LinkDIR Series Cross-Site Scripting Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/123967", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06597", }, { db: "JVNDB", id: "JVNDB-2018-002680", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-136561", }, { db: "JVNDB", id: "JVNDB-2018-002680", }, { db: "NVD", id: "CVE-2018-6529", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://github.com/thebeeman/pwning-multiple-dlink-router-via-soap-proto", }, { trust: 1.2, url: "ftp://ftp2.dlink.com/security_advisements/dir-860l/reva/dir-860l_reva_firmware_patch_notes_1.11b01_en_ww.pdf", }, { trust: 1.2, url: "ftp://ftp2.dlink.com/security_advisements/dir-868l/reva/dir-868l_reva_firmware_patch_notes_1.20b01_en_ww.pdf", }, { trust: 1.2, url: 
"ftp://ftp2.dlink.com/security_advisements/dir-865l/reva/dir-865l_reva_firmware_patch_notes_1.10b01_en_ww.pdf", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6529", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2018-6529", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/79.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06597", }, { db: "VULHUB", id: "VHN-136561", }, { db: "VULMON", id: "CVE-2018-6529", }, { db: "JVNDB", id: "JVNDB-2018-002680", }, { db: "NVD", id: "CVE-2018-6529", }, { db: "CNNVD", id: "CNNVD-201803-150", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2018-06597", }, { db: "VULHUB", id: "VHN-136561", }, { db: "VULMON", id: "CVE-2018-6529", }, { db: "JVNDB", id: "JVNDB-2018-002680", }, { db: "NVD", id: "CVE-2018-6529", }, { db: "CNNVD", id: "CNNVD-201803-150", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-03-28T00:00:00", db: "CNVD", id: "CNVD-2018-06597", }, { date: "2018-03-06T00:00:00", db: "VULHUB", id: "VHN-136561", }, { date: "2018-03-06T00:00:00", db: "VULMON", id: "CVE-2018-6529", }, { date: "2018-04-24T00:00:00", db: "JVNDB", id: "JVNDB-2018-002680", }, { date: "2018-03-06T20:29:00.907000", db: "NVD", id: "CVE-2018-6529", }, { date: "2018-03-07T00:00:00", db: "CNNVD", id: "CNNVD-201803-150", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-03-28T00:00:00", db: "CNVD", id: "CNVD-2018-06597", }, { date: "2018-03-27T00:00:00", db: "VULHUB", id: "VHN-136561", }, { date: "2018-03-27T00:00:00", db: "VULMON", id: "CVE-2018-6529", }, { date: "2018-04-24T00:00:00", db: "JVNDB", id: 
"JVNDB-2018-002680", }, { date: "2023-11-08T21:18:46.963000", db: "NVD", id: "CVE-2018-6529", }, { date: "2023-04-27T00:00:00", db: "CNNVD", id: "CNNVD-201803-150", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201803-150", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural D-Link Product cross-site scripting vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2018-002680", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-201803-150", }, ], trust: 0.6, }, }
var-201803-1766
Vulnerability from variot
XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted deviceid parameter to soap.cgi. D-Link DIR-868L, DIR-865L, and DIR-860L contain a cross-site scripting vulnerability. Information may be obtained and information may be altered. D-Link DIR-868L, DIR-865L and DIR-860L are all D-Link wireless router products. A cross-site scripting vulnerability exists in the htdocs/webinc/js/adv_parent_ctrl_map.php file in D-Link DIR-868L, DIR-865L, and DIR-860L. The following products and versions are affected: D-Link DIR-868L DIR868LA1_FW112b04 and earlier; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L DIR860LA1_FW110b04 and earlier.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201803-1766", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "dir-860l", scope: "lte", trust: 1, vendor: "dlink", version: "a1_fw110b04", }, { model: "dir-868l", scope: "lte", trust: 1, vendor: "dlink", version: "a1_fw112b04", }, { model: "dir-865l", scope: "lte", trust: 1, vendor: "dlink", version: "reva_firmware_patch_1.08.b01", }, { 
model: "dir-860l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir860la1_fw110b04", }, { model: "dir-865l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir-865l_reva_firmware_patch_1.08.b01", }, { model: "dir-868l", scope: "lte", trust: 0.8, vendor: "d link", version: "dir868la1_fw112b04", }, { model: "dir-868l <=dir868la1 fw112b04", scope: null, trust: 0.6, vendor: "345 217 213 350 256 257 347 247 221 346 212 200", version: null, }, { model: "dir-865l <=dir-865l reva patch 1.08.b01", scope: null, trust: 0.6, vendor: "345 217 213 350 256 257 347 247 221 346 212 200", version: null, }, { model: "dir-860l <=dir860la1 fw110b04", scope: null, trust: 0.6, vendor: "345 217 213 350 256 257 347 247 221 346 212 200", version: null, }, { model: "dir-860l", scope: "eq", trust: 0.6, vendor: "d link", version: "a1_fw110b04", }, { model: "dir-865l", scope: "eq", trust: 0.6, vendor: "d link", version: "reva_firmware_patch_1.08.b01", }, { model: "dir-868l", scope: "eq", trust: 0.6, vendor: "d link", version: "a1_fw112b04", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06630", }, { db: "JVNDB", id: "JVNDB-2018-002678", }, { db: "NVD", id: "CVE-2018-6527", }, { db: "CNNVD", id: "CNNVD-201803-152", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "a1_fw110b04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-860l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: 
"cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "reva_firmware_patch_1.08.b01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "a1_fw112b04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2018-6527", }, ], }, cve: "CVE-2018-6527", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: true, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: 
"Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 4.3, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2018-6527", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CNVD-2018-06630", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-136559", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2018-6527", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: 
"3.0", }, ], severity: [ { author: "NVD", id: "CVE-2018-6527", trust: 1.8, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2018-06630", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201803-152", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-136559", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06630", }, { db: "VULHUB", id: "VHN-136559", }, { db: "JVNDB", id: "JVNDB-2018-002678", }, { db: "NVD", id: "CVE-2018-6527", }, { db: "CNNVD", id: "CNNVD-201803-152", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted deviceid parameter to soap.cgi. D-Link DIR-868L, DIR-865L, and DIR-860L contain a cross-site scripting vulnerability. Information may be obtained and information may be altered. D-Link DIR-868L, DIR-865L and DIR-860L are all D-Link wireless router products. A cross-site scripting vulnerability exists in the htdocs/webinc/js/adv_parent_ctrl_map.php file in D-Link DIR-868L, DIR-865L, and DIR-860L. 
The following products and versions are affected: D-Link DIR-868L DIR868LA1_FW112b04 and earlier; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L DIR860LA1_FW110b04 and earlier", sources: [ { db: "NVD", id: "CVE-2018-6527", }, { db: "JVNDB", id: "JVNDB-2018-002678", }, { db: "CNVD", id: "CNVD-2018-06630", }, { db: "VULHUB", id: "VHN-136559", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-6527", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2018-002678", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201803-152", trust: 0.7, }, { db: "CNVD", id: "CNVD-2018-06630", trust: 0.6, }, { db: "VULHUB", id: "VHN-136559", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06630", }, { db: "VULHUB", id: "VHN-136559", }, { db: "JVNDB", id: "JVNDB-2018-002678", }, { db: "NVD", id: "CVE-2018-6527", }, { db: "CNNVD", id: "CNNVD-201803-152", }, ], }, id: "VAR-201803-1766", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2018-06630", }, { db: "VULHUB", id: "VHN-136559", }, ], trust: 1.5752999514285713, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06630", }, ], }, last_update_date: "2023-12-18T12:44:09.202000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "DIR-860L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-860l/reva/dir-860l_reva_firmware_patch_notes_1.11b01_en_ww.pdf", }, { title: "DIR-865L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-865l/reva/dir-865l_reva_firmware_patch_notes_1.10b01_en_ww.pdf", }, { title: "DIR-868L Firmware Patch Notes", trust: 0.8, url: "ftp://ftp2.dlink.com/security_advisements/dir-868l/reva/dir-868l_reva_firmware_patch_notes_1.20b01_en_ww.pdf", }, { title: "Patch for D-LinkDIR Series Cross-Site Scripting Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/124005", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06630", }, { db: "JVNDB", id: "JVNDB-2018-002678", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-136559", }, { db: "JVNDB", id: "JVNDB-2018-002678", }, { db: "NVD", id: "CVE-2018-6527", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://github.com/thebeeman/pwning-multiple-dlink-router-via-soap-proto", }, { trust: 1.1, url: "ftp://ftp2.dlink.com/security_advisements/dir-860l/reva/dir-860l_reva_firmware_patch_notes_1.11b01_en_ww.pdf", }, { trust: 1.1, url: "ftp://ftp2.dlink.com/security_advisements/dir-868l/reva/dir-868l_reva_firmware_patch_notes_1.20b01_en_ww.pdf", }, { trust: 1.1, url: "ftp://ftp2.dlink.com/security_advisements/dir-865l/reva/dir-865l_reva_firmware_patch_notes_1.10b01_en_ww.pdf", }, { trust: 0.8, url: 
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6527", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2018-6527", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-06630", }, { db: "VULHUB", id: "VHN-136559", }, { db: "JVNDB", id: "JVNDB-2018-002678", }, { db: "NVD", id: "CVE-2018-6527", }, { db: "CNNVD", id: "CNNVD-201803-152", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2018-06630", }, { db: "VULHUB", id: "VHN-136559", }, { db: "JVNDB", id: "JVNDB-2018-002678", }, { db: "NVD", id: "CVE-2018-6527", }, { db: "CNNVD", id: "CNNVD-201803-152", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-03-29T00:00:00", db: "CNVD", id: "CNVD-2018-06630", }, { date: "2018-03-06T00:00:00", db: "VULHUB", id: "VHN-136559", }, { date: "2018-04-24T00:00:00", db: "JVNDB", id: "JVNDB-2018-002678", }, { date: "2018-03-06T20:29:00.780000", db: "NVD", id: "CVE-2018-6527", }, { date: "2018-03-07T00:00:00", db: "CNNVD", id: "CNNVD-201803-152", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-03-29T00:00:00", db: "CNVD", id: "CNVD-2018-06630", }, { date: "2018-03-27T00:00:00", db: "VULHUB", id: "VHN-136559", }, { date: "2018-04-24T00:00:00", db: "JVNDB", id: "JVNDB-2018-002678", }, { date: "2023-11-08T21:18:08.193000", db: "NVD", id: "CVE-2018-6527", }, { date: "2023-04-27T00:00:00", db: "CNNVD", id: "CNNVD-201803-152", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201803-152", }, ], trust: 0.6, }, title: { "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple D-Link products", sources: [ { db: "JVNDB", id: "JVNDB-2018-002678", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-201803-152", }, ], trust: 0.6, }, }