CVE-2020-15633 – D-Link Multiple Routers HNAP GetCAPTCHAsetting Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-15633
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.20B10_BETA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP requests. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the router. • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10186 https://www.zerodayinitiative.com/advisories/ZDI-20-881 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVE-2020-9544
https://notcve.org/view.php?id=CVE-2020-9544
An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn't perform authentication checks for a firmware-update POST request. Any attacker that can access the administrative interface can install firmware of their choice. Se detectó un problema en los dispositivos D-Link DSL-2640B E1 versión EU_1.01. La interfaz administrativa no realiza comprobaciones de autenticación para una petición POST de actualización de firmware. • https://ktln2.org/2020/03/05/cve-2020-9544 https://www.dlink.com/en/security-bulletin • CWE-306: Missing Authentication for Critical Function •
CVE-2013-6811
https://notcve.org/view.php?id=CVE-2013-6811
Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev. H1) allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to (1) Custom Services in Port Forwarding, (2) Port Triggering Entries, (3) URL Filters in Parental Control, (4) Print Server settings, (5) QoS Queue Setup, or (6) QoS Classification Entries. Múltiples vulnerabilidades de tipo cross-site request forgery (CSRF) en el gateway de D-Link DSL-6740U (Rev. H1), permiten a atacantes remotos secuestrar la autenticación de administradores para peticiones que cambian las credenciales de administrador o habilitan servicios de administración remota para (1) Custom Services en Port Forwarding, (2) Port Triggering Entries, (3) URL Filters en Parental Control, (4) configuración Print Server, (5) QoS Queue Setup, o (6) QoS Classification Entries. • https://exchange.xforce.ibmcloud.com/vulnerabilities/89612 https://web.archive.org/web/20131208091355/http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10005 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2019-17663
https://notcve.org/view.php?id=CVE-2019-17663
D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in the device common gateway interface, leading to common injection. Los dispositivos D-Link DIR-866L versión 1.03B04, permiten un ataque de tipo XSS por medio de la función HtmlResponseMessage en la interfaz gateway común del dispositivo, conllevando a una inyección común. • https://fortiguard.com/zeroday/FG-VD-19-116 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-19990
https://notcve.org/view.php?id=CVE-2018-19990
In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices. In the SetWiFiVerifyAlpha.php source code, the WPSPIN parameter is saved in the $rphyinf1."/media/wps/enrollee/pin" and $rphyinf2."/media/wps/enrollee/pin" and $rphyinf3."/media/wps/enrollee/pin" internal configuration memory without any regex checking. • https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •