cve-2023-32152
Vulnerability from cvelistv5
Published
2024-05-03 01:56
Modified
2024-08-02 15:10
Severity
6.5 (Medium) - cvssV3_0 - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability
References
SourceURLTags
zdi-disclosures@trendmicro.comhttps://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323
zdi-disclosures@trendmicro.comhttps://www.zerodayinitiative.com/advisories/ZDI-23-544/
Impacted products
VendorProduct
D-LinkDIR-2640
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:d-link:dir-2640-us:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "dir-2640-us",
            "vendor": "d-link",
            "versions": [
              {
                "lessThanOrEqual": "v1.11B02",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "v1.11B02 Beta01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32152",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-08T17:52:09.343764Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-05T19:37:00.302Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:10:23.646Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ZDI-23-544",
            "tags": [
              "x_research-advisory",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-544/"
          },
          {
            "name": "vendor-provided URL",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "DIR-2640",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "R.47.0.0 AutoCAD 2021 \u0026 R.47.0.0 AutoCAD LT 2021"
            }
          ]
        }
      ],
      "dateAssigned": "2023-05-03T15:16:43.026-05:00",
      "datePublic": "2023-05-04T17:16:38.365-05:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. A specially crafted login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19549."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-303",
              "description": "CWE-303: Incorrect Implementation of Authentication Algorithm",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-03T01:56:36.008Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-23-544",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-544/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Anonymous"
      },
      "title": "D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2023-32152",
    "datePublished": "2024-05-03T01:56:36.008Z",
    "dateReserved": "2023-05-03T20:10:47.060Z",
    "dateUpdated": "2024-08-02T15:10:23.646Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-32152\",\"sourceIdentifier\":\"zdi-disclosures@trendmicro.com\",\"published\":\"2024-05-03T02:15:19.670\",\"lastModified\":\"2024-05-03T12:50:34.250\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\\n\\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. A specially crafted login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19549.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n de contrase\u00f1a de inicio de sesi\u00f3n de D-Link DIR-2640 HNAP. Esta vulnerabilidad permite a atacantes adyacentes a la red eludir la autenticaci\u00f3n en las instalaciones afectadas de los enrutadores D-Link DIR-2640. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro de la interfaz de administraci\u00f3n web, que escucha en el puerto TCP 80 de forma predeterminada. Una solicitud de inicio de sesi\u00f3n especialmente manipulada puede hacer que la autenticaci\u00f3n se realice correctamente sin proporcionar las credenciales adecuadas. Un atacante puede aprovechar esta vulnerabilidad para eludir la autenticaci\u00f3n en el sistema. Era ZDI-CAN-19549.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-303\"}]}],\"references\":[{\"url\":\"https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323\",\"source\":\"zdi-disclosures@trendmicro.com\"},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-23-544/\",\"source\":\"zdi-disclosures@trendmicro.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.