Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.803797 |
Kategorie: | Web application abuses |
Titel: | D-Link DIR-100 Router Multiple Vulnerabilities |
Zusammenfassung: | This host is running D-Link DIR-100 Router and is prone to multiple; vulnerabilities. |
Beschreibung: | Summary: This host is running D-Link DIR-100 Router and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Retrieve the Administrator password and sensitive configuration parameters like the pppoe username and password without authentication. - Execute privileged Commands without authentication through a race condition leading to weak authentication enforcement. - Sending formatted request to a victim which then will execute arbitrary commands on the device. - Store arbitrary javascript code which will be executed when a victim accesses the administrator interface. Vulnerability Impact: Successful exploitation will allow attacker to cause denial of service or execute arbitrary HTML and script code in a user's browser session in context of an affected website. Affected Software/OS: D-Link DIR-100 Hardware Revision: D1 Software Version: 4.03B07 Solution: Apply the patch or upgrade to version 4.03B13 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-7051 http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt http://www.exploit-db.com/exploits/31425 https://exchange.xforce.ibmcloud.com/vulnerabilities/90904 https://www.securityfocus.com/bid/65290 Common Vulnerability Exposure (CVE) ID: CVE-2013-7052 https://exchange.xforce.ibmcloud.com/vulnerabilities/90902 Common Vulnerability Exposure (CVE) ID: CVE-2013-7053 https://exchange.xforce.ibmcloud.com/vulnerabilities/90905 https://www.securityfocus.com/bid/65290/info Common Vulnerability Exposure (CVE) ID: CVE-2013-7054 https://exchange.xforce.ibmcloud.com/vulnerabilities/90906 Common Vulnerability Exposure (CVE) ID: CVE-2013-7055 https://exchange.xforce.ibmcloud.com/vulnerabilities/90903 |
Copyright | Copyright (C) 2014 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |