CVE-2017-17065
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for HNAP. An attacker can cause a denial of service (device crash) or possibly have unspecified other impact by sending a sufficiently long string in the password field of the HTTP Basic Authentication section of the HTTP request.
Se ha descubierto un problema en dispositivos D-Link DIR-605L Model B en versiones anteriores a la FW2.11betaB06_hbrf. Esto se relaciona con el código que gestiona los valores de autenticación para HNAP. Un atacante puede provocar una denegación de servicio (cierre inesperado del dispositivo) o, posiblemente, otro tipo de impacto sin especificar mediante el envío de una cadena lo suficientemente larga en el campo password de la sección HTTP Basic Authentication de la petición HTTP.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-29 CVE Reserved
- 2017-11-30 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-12 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dlink Search vendor "Dlink" | Dir-605l Model B Firmware Search vendor "Dlink" for product "Dir-605l Model B Firmware" | < fw2.11betab06_hbrf Search vendor "Dlink" for product "Dir-605l Model B Firmware" and version " < fw2.11betab06_hbrf" | - |
Affected
| in | Dlink Search vendor "Dlink" | Dir-605l Model B Search vendor "Dlink" for product "Dir-605l Model B" | - | - |
Safe
|