cnvd - cnvd-2019-46983

CNVD-2019-46983

Vulnerability from cnvd - Published: 2019-12-25

Title

D-Link DIR-615授权问题漏洞

Description

D-Link DIR-615是友讯（D-Link）公司的一款小型无线路由器产品。 D-Link DIR-615存在授权问题漏洞。攻击者可通过嗅探网络流量利用该漏洞获取用户和路由器的IP地址,甚至获取public IP地址并接管用户会话。

Severity

高

Patch Name

D-Link DIR-615授权问题漏洞的补丁

Patch Description

D-Link DIR-615是友讯（D-Link）公司的一款小型无线路由器产品。 D-Link DIR-615存在授权问题漏洞。攻击者可通过嗅探网络流量利用该漏洞获取用户和路由器的IP地址,甚至获取public IP地址并接管用户会话。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： http://www.dlink.com/

Reference

https://www.qualys.com/2017/03/12/qsa-2017-03-12/qsa-2017-03-12.pdf

Impacted products

Name
D-Link DIR-615 <20.12PTb04

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-7405"
    }
  },
  "description": "D-Link DIR-615\u662f\u53cb\u8baf\uff08D-Link\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5c0f\u578b\u65e0\u7ebf\u8def\u7531\u5668\u4ea7\u54c1\u3002\n\nD-Link DIR-615\u5b58\u5728\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u55c5\u63a2\u7f51\u7edc\u6d41\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7528\u6237\u548c\u8def\u7531\u5668\u7684IP\u5730\u5740,\u751a\u81f3\u83b7\u53d6public IP\u5730\u5740\u5e76\u63a5\u7ba1\u7528\u6237\u4f1a\u8bdd\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://www.dlink.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-46983",
  "openTime": "2019-12-25",
  "patchDescription": "D-Link DIR-615\u662f\u53cb\u8baf\uff08D-Link\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5c0f\u578b\u65e0\u7ebf\u8def\u7531\u5668\u4ea7\u54c1\u3002\r\n\r\nD-Link DIR-615\u5b58\u5728\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u55c5\u63a2\u7f51\u7edc\u6d41\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7528\u6237\u548c\u8def\u7531\u5668\u7684IP\u5730\u5740,\u751a\u81f3\u83b7\u53d6public IP\u5730\u5740\u5e76\u63a5\u7ba1\u7528\u6237\u4f1a\u8bdd\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "D-Link DIR-615\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "D-Link DIR-615 \u003c20.12PTb04"
  },
  "referenceLink": "https://www.qualys.com/2017/03/12/qsa-2017-03-12/qsa-2017-03-12.pdf",
  "serverity": "\u9ad8",
  "submitTime": "2019-12-18",
  "title": "D-Link DIR-615\u6388\u6743\u95ee\u9898\u6f0f\u6d1e"
}

CVE-2017-7405 (GCVE-0-2017-7405)

Vulnerability from cvelistv5 – Published: 2017-07-07 12:00 – Updated: 2024-08-05 16:04

Summary

On the D-Link DIR-615 before v20.12PTb04, once authenticated, this device identifies the user based on the IP address of his machine. By spoofing the IP address belonging to the victim's host, an attacker might be able to take over the administrative session without being prompted for authentication credentials. An attacker can get the victim's and router's IP addresses by simply sniffing the network traffic. Moreover, if the victim has web access enabled on his router and is accessing the web interface from a different network that is behind the NAT/Proxy, an attacker can sniff the network traffic to know the public IP address of the victim's router and take over his session as he won't be prompted for credentials.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-615…	x_refsource_MISC
	https://www.qualys.com/2017/03/12/qsa-2017-03-12/…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:04:10.592Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-615/REVT/DIR-615_REVT_FIRMWARE_PATCH_v20.12PTb04.zip"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.qualys.com/2017/03/12/qsa-2017-03-12/qsa-2017-03-12.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On the D-Link DIR-615 before v20.12PTb04, once authenticated, this device identifies the user based on the IP address of his machine. By spoofing the IP address belonging to the victim\u0027s host, an attacker might be able to take over the administrative session without being prompted for authentication credentials. An attacker can get the victim\u0027s and router\u0027s IP addresses by simply sniffing the network traffic. Moreover, if the victim has web access enabled on his router and is accessing the web interface from a different network that is behind the NAT/Proxy, an attacker can sniff the network traffic to know the public IP address of the victim\u0027s router and take over his session as he won\u0027t be prompted for credentials."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-07T11:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-615/REVT/DIR-615_REVT_FIRMWARE_PATCH_v20.12PTb04.zip"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.qualys.com/2017/03/12/qsa-2017-03-12/qsa-2017-03-12.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-7405",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On the D-Link DIR-615 before v20.12PTb04, once authenticated, this device identifies the user based on the IP address of his machine. By spoofing the IP address belonging to the victim\u0027s host, an attacker might be able to take over the administrative session without being prompted for authentication credentials. An attacker can get the victim\u0027s and router\u0027s IP addresses by simply sniffing the network traffic. Moreover, if the victim has web access enabled on his router and is accessing the web interface from a different network that is behind the NAT/Proxy, an attacker can sniff the network traffic to know the public IP address of the victim\u0027s router and take over his session as he won\u0027t be prompted for credentials."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-615/REVT/DIR-615_REVT_FIRMWARE_PATCH_v20.12PTb04.zip",
              "refsource": "MISC",
              "url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-615/REVT/DIR-615_REVT_FIRMWARE_PATCH_v20.12PTb04.zip"
            },
            {
              "name": "https://www.qualys.com/2017/03/12/qsa-2017-03-12/qsa-2017-03-12.pdf",
              "refsource": "MISC",
              "url": "https://www.qualys.com/2017/03/12/qsa-2017-03-12/qsa-2017-03-12.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-7405",
    "datePublished": "2017-07-07T12:00:00",
    "dateReserved": "2017-04-03T00:00:00",
    "dateUpdated": "2024-08-05T16:04:10.592Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-46983

CVE-2017-7405 (GCVE-0-2017-7405)

Tags

Sightings

Nomenclature