Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.803797 |
Categoría: | Web application abuses |
Título: | D-Link DIR-100 Router Multiple Vulnerabilities |
Resumen: | This host is running D-Link DIR-100 Router and is prone to multiple; vulnerabilities. |
Descripción: | Summary: This host is running D-Link DIR-100 Router and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Retrieve the Administrator password and sensitive configuration parameters like the pppoe username and password without authentication. - Execute privileged Commands without authentication through a race condition leading to weak authentication enforcement. - Sending formatted request to a victim which then will execute arbitrary commands on the device. - Store arbitrary javascript code which will be executed when a victim accesses the administrator interface. Vulnerability Impact: Successful exploitation will allow attacker to cause denial of service or execute arbitrary HTML and script code in a user's browser session in context of an affected website. Affected Software/OS: D-Link DIR-100 Hardware Revision: D1 Software Version: 4.03B07 Solution: Apply the patch or upgrade to version 4.03B13 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-7051 http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt http://www.exploit-db.com/exploits/31425 https://exchange.xforce.ibmcloud.com/vulnerabilities/90904 https://www.securityfocus.com/bid/65290 Common Vulnerability Exposure (CVE) ID: CVE-2013-7052 https://exchange.xforce.ibmcloud.com/vulnerabilities/90902 Common Vulnerability Exposure (CVE) ID: CVE-2013-7053 https://exchange.xforce.ibmcloud.com/vulnerabilities/90905 https://www.securityfocus.com/bid/65290/info Common Vulnerability Exposure (CVE) ID: CVE-2013-7054 https://exchange.xforce.ibmcloud.com/vulnerabilities/90906 Common Vulnerability Exposure (CVE) ID: CVE-2013-7055 https://exchange.xforce.ibmcloud.com/vulnerabilities/90903 |
Copyright | Copyright (C) 2014 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |