Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.803797
Categoría:Web application abuses
Título:D-Link DIR-100 Router Multiple Vulnerabilities
Resumen:This host is running D-Link DIR-100 Router and is prone to multiple; vulnerabilities.
Descripción:Summary:
This host is running D-Link DIR-100 Router and is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- Retrieve the Administrator password and sensitive configuration parameters
like the pppoe username and password without authentication.

- Execute privileged Commands without authentication through a race condition
leading to weak authentication enforcement.

- Sending formatted request to a victim which then will execute arbitrary
commands on the device.

- Store arbitrary javascript code which will be executed when a victim
accesses the administrator interface.

Vulnerability Impact:
Successful exploitation will allow attacker to cause denial of service or
execute arbitrary HTML and script code in a user's browser session in context of an affected website.

Affected Software/OS:
D-Link DIR-100 Hardware Revision: D1 Software Version: 4.03B07

Solution:
Apply the patch or upgrade to version 4.03B13 or later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-7051
http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt
http://www.exploit-db.com/exploits/31425
https://exchange.xforce.ibmcloud.com/vulnerabilities/90904
https://www.securityfocus.com/bid/65290
Common Vulnerability Exposure (CVE) ID: CVE-2013-7052
https://exchange.xforce.ibmcloud.com/vulnerabilities/90902
Common Vulnerability Exposure (CVE) ID: CVE-2013-7053
https://exchange.xforce.ibmcloud.com/vulnerabilities/90905
https://www.securityfocus.com/bid/65290/info
Common Vulnerability Exposure (CVE) ID: CVE-2013-7054
https://exchange.xforce.ibmcloud.com/vulnerabilities/90906
Common Vulnerability Exposure (CVE) ID: CVE-2013-7055
https://exchange.xforce.ibmcloud.com/vulnerabilities/90903
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.