cvelistv5 - cve-2013-6026

CVE-2013-6026 (GCVE-0-2013-6026)

Vulnerability from cvelistv5 – Published: 2013-10-19 10:00 – Updated: 2024-09-16 23:50

Summary

Severity ?

No CVSS data available.

CWE

Assigner

certcc

References

URL

Tags

	http://www.devttys0.com/2013/10/reverse-engineeri…	x_refsource_MISC
	http://www.dlink.com/uk/en/support/security	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/248083	third-party-advisoryx_refsource_CERT-VN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:29:42.729Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.dlink.com/uk/en/support/security"
          },
          {
            "name": "VU#248083",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/248083"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-10-19T10:00:00Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.dlink.com/uk/en/support/security"
        },
        {
          "name": "VU#248083",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/248083"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-6026",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/",
              "refsource": "MISC",
              "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
            },
            {
              "name": "http://www.dlink.com/uk/en/support/security",
              "refsource": "CONFIRM",
              "url": "http://www.dlink.com/uk/en/support/security"
            },
            {
              "name": "VU#248083",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/248083"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2013-6026",
    "datePublished": "2013-10-19T10:00:00Z",
    "dateReserved": "2013-10-04T00:00:00Z",
    "dateUpdated": "2024-09-16T23:50:32.878Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:dlink:di-524up:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"157FE837-AA4B-46AD-A2C2-1E9A690FA7DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:dlink:di-604\\\\+:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8D8643C-5683-429D-9B9F-3A9C2B26ADF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:dlink:di-604s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"076B3A72-3CF5-49CA-9104-D6D1667CE260\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:dlink:di-604up:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4632D90B-C66E-4E72-B56B-C9B81C3FB85C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:dlink:di-624s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F92DC565-F84C-4881-AA54-F07C988E3B90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:dlink:dir-100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"944231AD-3DB5-432F-826F-DF40D3538F86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:dlink:dir-120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"030E2C73-B17D-4F52-83B5-24C2042A5761\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:dlink:tm-g5240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45DB67B1-BD0F-4B2F-8025-B0A39F821051\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:alphanetworks:vdsl_asl-55052:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38D71280-715B-4872-86DD-528DBD0C4EEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:alphanetworks:vdsl_asl-56552:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"630148D9-4FFC-4630-8D99-4F7DA068D3C1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:planex:brl-04cw:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F22A84F3-0A51-4CF5-B0B2-E41F02D10401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:planex:brl-04r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7B26C5C-508E-426B-ACC7-148515E5FFF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:planex:brl-04ur:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6E83607-47A8-49B5-8C5B-5A25F8F19389\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.\"}, {\"lang\": \"es\", \"value\": \"La interfaz web de D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604 + y TM-G5240 routers; Planex BRL-04R, Brasil-04UR y routers BRL-04CW, y Redes Alfa enrutadores permite a atacantes remotos evitar la autenticaci\\u00f3n y modificar la configuraci\\u00f3n especificando  un encabezado HTTP User-Agent   xmlset_roodkcableoj28840ybtide\"}]",
      "id": "CVE-2013-6026",
      "lastModified": "2024-11-21T01:58:38.767",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-10-19T10:36:08.963",
      "references": "[{\"url\": \"http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/\", \"source\": \"cret@cert.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.dlink.com/uk/en/support/security\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/248083\", \"source\": \"cret@cert.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.dlink.com/uk/en/support/security\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/248083\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}]",
      "sourceIdentifier": "cret@cert.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-6026\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2013-10-19T10:36:08.963\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.\"},{\"lang\":\"es\",\"value\":\"La interfaz web de D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604 + y TM-G5240 routers; Planex BRL-04R, Brasil-04UR y routers BRL-04CW, y Redes Alfa enrutadores permite a atacantes remotos evitar la autenticaci\u00f3n y modificar la configuraci\u00f3n especificando  un encabezado HTTP User-Agent   xmlset_roodkcableoj28840ybtide\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:dlink:di-524up:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"157FE837-AA4B-46AD-A2C2-1E9A690FA7DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:dlink:di-604\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8D8643C-5683-429D-9B9F-3A9C2B26ADF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:dlink:di-604s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"076B3A72-3CF5-49CA-9104-D6D1667CE260\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:dlink:di-604up:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4632D90B-C66E-4E72-B56B-C9B81C3FB85C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:dlink:di-624s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F92DC565-F84C-4881-AA54-F07C988E3B90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:dlink:dir-100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"944231AD-3DB5-432F-826F-DF40D3538F86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:dlink:dir-120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"030E2C73-B17D-4F52-83B5-24C2042A5761\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:dlink:tm-g5240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45DB67B1-BD0F-4B2F-8025-B0A39F821051\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:alphanetworks:vdsl_asl-55052:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38D71280-715B-4872-86DD-528DBD0C4EEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:alphanetworks:vdsl_asl-56552:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"630148D9-4FFC-4630-8D99-4F7DA068D3C1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:planex:brl-04cw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F22A84F3-0A51-4CF5-B0B2-E41F02D10401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:planex:brl-04r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7B26C5C-508E-426B-ACC7-148515E5FFF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:planex:brl-04ur:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6E83607-47A8-49B5-8C5B-5A25F8F19389\"}]}]}],\"references\":[{\"url\":\"http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/\",\"source\":\"cret@cert.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.dlink.com/uk/en/support/security\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/248083\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.dlink.com/uk/en/support/security\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/248083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]}]}}"
  }
}

FKIE_CVE-2013-6026

Vulnerability from fkie_nvd - Published: 2013-10-19 10:36 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cret@cert.org	http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/	Exploit
cret@cert.org	http://www.dlink.com/uk/en/support/security
cret@cert.org	http://www.kb.cert.org/vuls/id/248083	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.dlink.com/uk/en/support/security
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/248083	US Government Resource

Impacted products

Vendor	Product	Version
dlink	di-524up	-
dlink	di-604\+	-
dlink	di-604s	-
dlink	di-604up	-
dlink	di-624s	-
dlink	dir-100	-
dlink	dir-120	-
dlink	tm-g5240	-
alphanetworks	vdsl_asl-55052	-
alphanetworks	vdsl_asl-56552	-
planex	brl-04cw	-
planex	brl-04r	-
planex	brl-04ur	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:di-524up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "157FE837-AA4B-46AD-A2C2-1E9A690FA7DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:di-604\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8D8643C-5683-429D-9B9F-3A9C2B26ADF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:di-604s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "076B3A72-3CF5-49CA-9104-D6D1667CE260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:di-604up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4632D90B-C66E-4E72-B56B-C9B81C3FB85C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:di-624s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F92DC565-F84C-4881-AA54-F07C988E3B90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:dir-100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "944231AD-3DB5-432F-826F-DF40D3538F86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:dir-120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "030E2C73-B17D-4F52-83B5-24C2042A5761",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:tm-g5240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45DB67B1-BD0F-4B2F-8025-B0A39F821051",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:alphanetworks:vdsl_asl-55052:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38D71280-715B-4872-86DD-528DBD0C4EEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:alphanetworks:vdsl_asl-56552:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "630148D9-4FFC-4630-8D99-4F7DA068D3C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:planex:brl-04cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22A84F3-0A51-4CF5-B0B2-E41F02D10401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:planex:brl-04r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7B26C5C-508E-426B-ACC7-148515E5FFF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:planex:brl-04ur:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6E83607-47A8-49B5-8C5B-5A25F8F19389",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013."
    },
    {
      "lang": "es",
      "value": "La interfaz web de D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604 + y TM-G5240 routers; Planex BRL-04R, Brasil-04UR y routers BRL-04CW, y Redes Alfa enrutadores permite a atacantes remotos evitar la autenticaci\u00f3n y modificar la configuraci\u00f3n especificando  un encabezado HTTP User-Agent   xmlset_roodkcableoj28840ybtide"
    }
  ],
  "id": "CVE-2013-6026",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-10-19T10:36:08.963",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.dlink.com/uk/en/support/security"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/248083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.dlink.com/uk/en/support/security"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/248083"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201310-0388

Vulnerability from variot - Updated: 2023-12-18 12:09

The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013. Various D-Link routers allow administrative web actions if the HTTP request contains a specific User-Agent string. This backdoor allows an attacker to bypass password authentication and access the router's administrative web interface. Planex and Alpha Networks devices may also be affected. In addition, attacks on this vulnerability 2013 Year 10 Observed on the moon.By a third party xmlset_roodkcableoj28840ybtide User-Agent HTTP Authentication may be avoided and settings may be changed via the header. D-Link DIR-100 is a small broadband router with integrated firewall function.

DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604 +, TM-G5240 and several Planex routers BRL-04UR and BRL-04CW, the firmware used is v1.13 There is a backdoor vulnerability. Multiple vendors are prone to a remote authentication-bypass vulnerability. This may aid in further attacks. The following are vulnerable: D-Link DIR-120 D-Link DI-624S D-Link DI-524UP D-Link DI-604S D-Link DI-604UP D-Link DI-604 D-Link DIR-100 D-Link TM-G5240 PLANEX COMMUNICATIONS BRL-04UR PLANEX COMMUNICATIONS BRL-04R PLANEX COMMUNICATIONS BRL-04CW. D-Link DIR-100 and so on are all router devices of D-Link company. Planex BRL-04R etc. are the router equipment of Japan Planex Company. The following products are affected: D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+; TM-G5240; Planex BRL-04R, BRL-04UR, BRL-04CW

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201310-0388",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "vdsl asl-56552",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "alphanetworks",
        "version": null
      },
      {
        "model": "di-524up",
        "scope": null,
        "trust": 1.4,
        "vendor": "d link",
        "version": null
      },
      {
        "model": "di-604+",
        "scope": null,
        "trust": 1.4,
        "vendor": "d link",
        "version": null
      },
      {
        "model": "di-604s",
        "scope": null,
        "trust": 1.4,
        "vendor": "d link",
        "version": null
      },
      {
        "model": "di-604up",
        "scope": null,
        "trust": 1.4,
        "vendor": "d link",
        "version": null
      },
      {
        "model": "tm-g5240",
        "scope": null,
        "trust": 1.4,
        "vendor": "d link",
        "version": null
      },
      {
        "model": "brl-04r",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "planex",
        "version": null
      },
      {
        "model": "di-604s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "dlink",
        "version": null
      },
      {
        "model": "dir-120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "dlink",
        "version": null
      },
      {
        "model": "di-624s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "dlink",
        "version": null
      },
      {
        "model": "brl-04cw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "planex",
        "version": null
      },
      {
        "model": "brl-04ur",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "planex",
        "version": null
      },
      {
        "model": "di-524up",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "dlink",
        "version": null
      },
      {
        "model": "vdsl asl-55052",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "alphanetworks",
        "version": null
      },
      {
        "model": "tm-g5240",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "dlink",
        "version": null
      },
      {
        "model": "dir-100",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "dlink",
        "version": null
      },
      {
        "model": "di-604\\+",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "dlink",
        "version": null
      },
      {
        "model": "di-604up",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "dlink",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "d link",
        "version": null
      },
      {
        "model": "vdsl 11n wireless router",
        "scope": null,
        "trust": 0.8,
        "vendor": "alpha",
        "version": null
      },
      {
        "model": "vdsl wired router",
        "scope": null,
        "trust": 0.8,
        "vendor": "alpha",
        "version": null
      },
      {
        "model": "di-624s",
        "scope": null,
        "trust": 0.8,
        "vendor": "d link",
        "version": null
      },
      {
        "model": "dir-100",
        "scope": null,
        "trust": 0.8,
        "vendor": "d link",
        "version": null
      },
      {
        "model": "dir-120",
        "scope": null,
        "trust": 0.8,
        "vendor": "d link",
        "version": null
      },
      {
        "model": "brl-04cw",
        "scope": null,
        "trust": 0.8,
        "vendor": "planex",
        "version": null
      },
      {
        "model": "brl-04r",
        "scope": null,
        "trust": 0.8,
        "vendor": "planex",
        "version": null
      },
      {
        "model": "brl-04ur",
        "scope": null,
        "trust": 0.8,
        "vendor": "planex",
        "version": null
      },
      {
        "model": "di-524",
        "scope": null,
        "trust": 0.6,
        "vendor": "d link",
        "version": null
      },
      {
        "model": "dir-100",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "d link",
        "version": "1.13"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#248083"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-13777"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004823"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6026"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201310-477"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-604s:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:tm-g5240:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-524up:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-604up:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-624s:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-604\\+:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:dir-120:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:dir-100:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:alphanetworks:vdsl_asl-55052:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:alphanetworks:vdsl_asl-56552:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:planex:brl-04r:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:planex:brl-04cw:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:planex:brl-04ur:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-6026"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Craig Heffner and /dev/ttyS0",
    "sources": [
      {
        "db": "BID",
        "id": "62990"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-6026",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2013-6026",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-13777",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-66028",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-6026",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-13777",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201310-477",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-66028",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13777"
      },
      {
        "db": "VULHUB",
        "id": "VHN-66028"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004823"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6026"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201310-477"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013. Various D-Link routers allow administrative web actions if the HTTP request contains a specific User-Agent string. This backdoor allows an attacker to bypass password authentication and access the router\u0027s administrative web interface. Planex and Alpha Networks devices may also be affected. In addition, attacks on this vulnerability 2013 Year 10 Observed on the moon.By a third party xmlset_roodkcableoj28840ybtide User-Agent HTTP Authentication may be avoided and settings may be changed via the header. D-Link DIR-100 is a small broadband router with integrated firewall function. \r\n\r\n\r\nDIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604 +, TM-G5240 and several Planex routers BRL-04UR and BRL-04CW, the firmware used is v1.13 There is a backdoor vulnerability. Multiple vendors are prone to a remote authentication-bypass vulnerability. This  may aid in further attacks. \nThe following are vulnerable:\nD-Link DIR-120\nD-Link DI-624S\nD-Link DI-524UP\nD-Link DI-604S\nD-Link DI-604UP\nD-Link DI-604\nD-Link DIR-100\nD-Link TM-G5240\nPLANEX COMMUNICATIONS BRL-04UR\nPLANEX COMMUNICATIONS BRL-04R\nPLANEX COMMUNICATIONS BRL-04CW. D-Link DIR-100 and so on are all router devices of D-Link company. Planex BRL-04R etc. are the router equipment of Japan Planex Company. The following products are affected: D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+; TM-G5240; Planex BRL-04R, BRL-04UR, BRL-04CW",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-6026"
      },
      {
        "db": "CERT/CC",
        "id": "VU#248083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004823"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-13777"
      },
      {
        "db": "BID",
        "id": "62990"
      },
      {
        "db": "VULHUB",
        "id": "VHN-66028"
      }
    ],
    "trust": 3.24
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-6026",
        "trust": 3.4
      },
      {
        "db": "CERT/CC",
        "id": "VU#248083",
        "trust": 3.3
      },
      {
        "db": "BID",
        "id": "62990",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004823",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201310-477",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-13777",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-62565",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-66028",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#248083"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-13777"
      },
      {
        "db": "VULHUB",
        "id": "VHN-66028"
      },
      {
        "db": "BID",
        "id": "62990"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004823"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6026"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201310-477"
      }
    ]
  },
  "id": "VAR-201310-0388",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13777"
      },
      {
        "db": "VULHUB",
        "id": "VHN-66028"
      }
    ],
    "trust": 1.3563492333333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "IoT",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-13777"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:09:01.555000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Update on Router Security issue",
        "trust": 0.8,
        "url": "http://www.dlink.com/uk/en/support/security"
      },
      {
        "title": "D-Link  and Planex/ router Web Repair measures for interface security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=234982"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004823"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201310-477"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66028"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004823"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6026"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
      },
      {
        "trust": 2.5,
        "url": "http://www.kb.cert.org/vuls/id/248083"
      },
      {
        "trust": 1.7,
        "url": "http://www.dlink.com/uk/en/support/security"
      },
      {
        "trust": 0.8,
        "url": "http://www.theregister.co.uk/2013/10/13/dlink_routers_have_admin_backdoor/"
      },
      {
        "trust": 0.8,
        "url": "http://www.dlink.com/uk/en/support/security "
      },
      {
        "trust": 0.8,
        "url": "http://blog.erratasec.com/2013/10/that-dlink-bug-masscan.html"
      },
      {
        "trust": 0.8,
        "url": "http://pastebin.com/vbig42vd"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6026"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6026"
      },
      {
        "trust": 0.6,
        "url": "http://www.solidot.org/story?sid=36791"
      },
      {
        "trust": 0.3,
        "url": "http://www.dlink.com/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#248083"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-13777"
      },
      {
        "db": "VULHUB",
        "id": "VHN-66028"
      },
      {
        "db": "BID",
        "id": "62990"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004823"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6026"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201310-477"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#248083"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-13777"
      },
      {
        "db": "VULHUB",
        "id": "VHN-66028"
      },
      {
        "db": "BID",
        "id": "62990"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004823"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6026"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201310-477"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-10-17T00:00:00",
        "db": "CERT/CC",
        "id": "VU#248083"
      },
      {
        "date": "2013-10-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-13777"
      },
      {
        "date": "2013-10-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-66028"
      },
      {
        "date": "2013-10-12T00:00:00",
        "db": "BID",
        "id": "62990"
      },
      {
        "date": "2013-10-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-004823"
      },
      {
        "date": "2013-10-19T10:36:08.963000",
        "db": "NVD",
        "id": "CVE-2013-6026"
      },
      {
        "date": "2013-10-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201310-477"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-29T00:00:00",
        "db": "CERT/CC",
        "id": "VU#248083"
      },
      {
        "date": "2020-03-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-13777"
      },
      {
        "date": "2013-10-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-66028"
      },
      {
        "date": "2013-12-10T00:56:00",
        "db": "BID",
        "id": "62990"
      },
      {
        "date": "2013-10-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-004823"
      },
      {
        "date": "2023-04-26T18:55:30.893000",
        "db": "NVD",
        "id": "CVE-2013-6026"
      },
      {
        "date": "2023-04-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201310-477"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201310-477"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "D-Link routers authenticate administrative access using specific User-Agent string",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#248083"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201310-477"
      }
    ],
    "trust": 0.6
  }
}

GHSA-V2PF-28PQ-8P67

Vulnerability from github – Published: 2022-05-17 05:00 – Updated: 2025-04-11 04:15

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-6026"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-10-19T10:36:00Z",
    "severity": "HIGH"
  },
  "details": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.",
  "id": "GHSA-v2pf-28pq-8p67",
  "modified": "2025-04-11T04:15:19Z",
  "published": "2022-05-17T05:00:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6026"
    },
    {
      "type": "WEB",
      "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor"
    },
    {
      "type": "WEB",
      "url": "http://www.dlink.com/uk/en/support/security"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/248083"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2013-6026

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-6026

Aliases

CVE-2013-6026

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-6026",
    "description": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.",
    "id": "GSD-2013-6026"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-6026"
      ],
      "details": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.",
      "id": "GSD-2013-6026",
      "modified": "2023-12-13T01:22:19.518618Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2013-6026",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/",
            "refsource": "MISC",
            "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
          },
          {
            "name": "http://www.dlink.com/uk/en/support/security",
            "refsource": "CONFIRM",
            "url": "http://www.dlink.com/uk/en/support/security"
          },
          {
            "name": "VU#248083",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/248083"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-604s:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:tm-g5240:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-524up:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-604up:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-624s:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:di-604\\+:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:dir-120:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:dlink:dir-100:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:alphanetworks:vdsl_asl-55052:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:alphanetworks:vdsl_asl-56552:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:planex:brl-04r:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:planex:brl-04cw:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:planex:brl-04ur:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-6026"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#248083",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/248083"
            },
            {
              "name": "http://www.dlink.com/uk/en/support/security",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.dlink.com/uk/en/support/security"
            },
            {
              "name": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-04-26T18:55Z",
      "publishedDate": "2013-10-19T10:36Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-6026 (GCVE-0-2013-6026)

FKIE_CVE-2013-6026

VAR-201310-0388

GHSA-V2PF-28PQ-8P67

GSD-2013-6026

Tags

Sightings

Nomenclature