D-Link DIR-600 2.16ww Web Admin Interface cross-site request forgery
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 4.2 | $0-$5k | 0.00 |
Summary
A vulnerability has been found in D-Link DIR-600 2.16ww and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Admin Interface. The manipulation leads to cross-site request forgery. The attack is possible to be carried out remotely. Moreover, an exploit is present.
Details
A vulnerability was found in D-Link DIR-600 2.16ww (Router Operating System). It has been rated as problematic. This issue affects an unknown part of the component Web Admin Interface. The manipulation with an unknown input leads to a cross-site request forgery vulnerability. Using CWE to declare the problem leads to CWE-352. The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. Impacted is integrity.
The weakness was disclosed 01/21/2014 by Dawid Czagan as From CSRF to Unauthorized Remote Admin Access as not defined advisory (Website). The advisory is shared at resources.infosecinstitute.com. The public release happened without involvement of D-Link. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but a public exploit is available.
A public exploit has been developed by Dawid Czagan in HTML/Javascript and been published immediately after the advisory. The exploit is available at resources.infosecinstitute.com. It is declared as highly functional. The advisory illustrates:
Do not enable the Remote Management feature since this will allow malicious users to use this exploit from the internet. Remote Management is default disabled on all D-Link Routers and is included for customer care troubleshooting if useful and the customer enables it.
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
The vulnerability is also documented in the databases at X-Force (91794), SecurityFocus (BID 66092†) and Secunia (SA57304†). The entry VDB-73566 is pretty similar. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.dlink.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 4.3VulDB Meta Temp Score: 4.2
VulDB Base Score: 4.3
VulDB Temp Score: 4.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Cross-site request forgeryCWE: CWE-352 / CWE-862 / CWE-863
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Highly functional
Author: Dawid Czagan
Programming Language: 🔍
Download: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: no mitigation knownStatus: 🔍
0-Day Time: 🔍
Exploit Delay Time: 🔍
Timeline
01/21/2014 🔍01/21/2014 🔍
03/07/2014 🔍
03/10/2014 🔍
03/10/2014 🔍
03/17/2014 🔍
03/31/2019 🔍
Sources
Vendor: dlink.comAdvisory: From CSRF to Unauthorized Remote Admin Access
Researcher: Dawid Czagan
Status: Not defined
Confirmation: 🔍
GCVE (VulDB): GCVE-100-12617
X-Force: 91794 - D-Link DIR-600 settings cross-site request forgery, Medium Risk
SecurityFocus: 66092 - D-Link DIR-600 Multiple Cross-Site Request Forgery Vulnerabilities
Secunia: 57304 - D-Link DIR-600 Cross-Site Request Forgery Vulnerability, Less Critical
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 03/17/2014 11:17Updated: 03/31/2019 16:13
Changes: 03/17/2014 11:17 (63), 03/31/2019 16:13 (1)
Complete: 🔍
Cache ID: 216::103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
No comments yet. Languages: en.
Please log in to comment.