Details of VAR-190001-0949

ID

VAR-190001-0949

TITLE

D-Link DNS-320 ShareCenter Denial of Service Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2011-5169 // BID: 50902

DESCRIPTION

The D-Link DNS-320 is a storage device for small business users. D-Link DNS-320 has multiple security vulnerabilities that can be exploited for denial of service attacks. The dsk_mgr.cgi is allowed to perform a restart by a POST request with the cmd=FMT_restart parameter. The system_mgr.cgi is allowed to perform a restart by a POST request with the cmd=cgi_restart or cmd=cgi_reboo parameters. System_mgr.cgi is allowed to perform shutdown by a POST request with the cmd=cgi_shutdown parameter. The firmware is allowed to be executed by wizard_mgr.cgi by a POST request with the cmd=cgi_wizard parameter. D-Link DNS-320 ShareCenter is prone to a denial-of-service vulnerability. Successful exploits will cause an affected device to reload or shutdown, denying service to legitimate users

Trust: 0.81

sources: CNVD: CNVD-2011-5169 // BID: 50902

IOT TAXONOMY

category:

['IoT', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2011-5169

AFFECTED PRODUCTS

vendor:

d link

model:

dns-320 sharecenter

scope:

version:

Trust: 0.9

sources: CNVD: CNVD-2011-5169 // BID: 50902

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201112-041

TYPE

Design Error

Trust: 0.3

sources: BID: 50902

EXTERNAL IDS

db:	BID	id:	50902	Trust: 1.5
db:	CNVD	id:	CNVD-2011-5169	Trust: 0.6
db:	CNNVD	id:	CNNVD-201112-041	Trust: 0.6

sources: CNVD: CNVD-2011-5169 // BID: 50902 // CNNVD: CNNVD-201112-041

REFERENCES

url:	http://www.securityfocus.com/bid/50902	Trust: 1.2
url:	http://sharecenter.dlink.com/products/dns-320	Trust: 0.3

sources: CNVD: CNVD-2011-5169 // BID: 50902 // CNNVD: CNNVD-201112-041

CREDITS

rigan

Trust: 0.9

sources: BID: 50902 // CNNVD: CNNVD-201112-041

SOURCES

db:	CNVD	id:	CNVD-2011-5169
db:	BID	id:	50902
db:	CNNVD	id:	CNNVD-201112-041

LAST UPDATE DATE

2022-05-17T02:09:35.575000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2011-5169	date:	2011-12-07T00:00:00
db:	BID	id:	50902	date:	2014-07-21T00:19:00
db:	CNNVD	id:	CNNVD-201112-041	date:	2011-12-07T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2011-5169	date:	2011-12-07T00:00:00
db:	BID	id:	50902	date:	2011-12-05T00:00:00
db:	CNNVD	id:	CNNVD-201112-041	date:	1900-01-01T00:00:00