FKIE_CVE-2013-6026

Vulnerability from fkie_nvd - Published: 2013-10-19 10:36 - Updated: 2025-04-11 00:51
Severity ?
Summary
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.
References
cret@cert.orghttp://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/Exploit
cret@cert.orghttp://www.dlink.com/uk/en/support/security
cret@cert.orghttp://www.kb.cert.org/vuls/id/248083US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.dlink.com/uk/en/support/security
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/248083US Government Resource
Impacted products
Vendor Product Version
dlink di-524up -
dlink di-604\+ -
dlink di-604s -
dlink di-604up -
dlink di-624s -
dlink dir-100 -
dlink dir-120 -
dlink tm-g5240 -
alphanetworks vdsl_asl-55052 -
alphanetworks vdsl_asl-56552 -
planex brl-04cw -
planex brl-04r -
planex brl-04ur -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:di-524up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "157FE837-AA4B-46AD-A2C2-1E9A690FA7DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:di-604\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8D8643C-5683-429D-9B9F-3A9C2B26ADF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:di-604s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "076B3A72-3CF5-49CA-9104-D6D1667CE260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:di-604up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4632D90B-C66E-4E72-B56B-C9B81C3FB85C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:di-624s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F92DC565-F84C-4881-AA54-F07C988E3B90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:dir-100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "944231AD-3DB5-432F-826F-DF40D3538F86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:dir-120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "030E2C73-B17D-4F52-83B5-24C2042A5761",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:dlink:tm-g5240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45DB67B1-BD0F-4B2F-8025-B0A39F821051",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:alphanetworks:vdsl_asl-55052:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38D71280-715B-4872-86DD-528DBD0C4EEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:alphanetworks:vdsl_asl-56552:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "630148D9-4FFC-4630-8D99-4F7DA068D3C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:planex:brl-04cw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22A84F3-0A51-4CF5-B0B2-E41F02D10401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:planex:brl-04r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7B26C5C-508E-426B-ACC7-148515E5FFF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:planex:brl-04ur:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6E83607-47A8-49B5-8C5B-5A25F8F19389",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013."
    },
    {
      "lang": "es",
      "value": "La interfaz web de D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604 + y TM-G5240 routers; Planex BRL-04R, Brasil-04UR y routers BRL-04CW, y Redes Alfa enrutadores permite a atacantes remotos evitar la autenticaci\u00f3n y modificar la configuraci\u00f3n especificando  un encabezado HTTP User-Agent   xmlset_roodkcableoj28840ybtide"
    }
  ],
  "id": "CVE-2013-6026",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-10-19T10:36:08.963",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.dlink.com/uk/en/support/security"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/248083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.dlink.com/uk/en/support/security"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/248083"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.