Sign-up

ID

VAR-200610-0309


CVE

CVE-2006-5537


TITLE

D-Link DSL-G624T of cgi-bin/webcm Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2006-001446

DESCRIPTION

Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection parameters. ---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: D-Link DSL-G624T Directory Traversal and Cross-Site Scripting SECUNIA ADVISORY ID: SA22524 VERIFY ADVISORY: http://secunia.com/advisories/22524/ CRITICAL: Less critical IMPACT: Cross Site Scripting, Exposure of sensitive information WHERE: >From local network SOFTWARE: D-Link DSL-G624T http://secunia.com/product/12420/ DESCRIPTION: Jose Ramon Palanco has reported some vulnerabilities in D-Link DSL-G624T, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose certain sensitive information. 1) Input passed to the "upnp%3Asettings%2Fstate" and "upnp%3Asettings%2Fconnection" parameters in cgi-bin/webcm is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed to the "getpage" parameter in cgi-bin/webcm is not properly verified before being used. This can be exploited to disclose the content of certain files via directory traversal attacks. The vulnerabilities are reported in firmware version V3.00B01T01.YA-C.20060616. Other versions may also be affected. SOLUTION: Do not visit other web sites while accessing the device and use it only in a trusted network. PROVIDED AND/OR DISCOVERED BY: Jose Ramon Palanco ORIGINAL ADVISORY: http://www.eazel.es/advisory005-D-Link-DSL-G624T-directoy-transversal-xss-cross-site-scripting-directory-listing-vulnerabilities.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.34

sources: NVD: CVE-2006-5537 // JVNDB: JVNDB-2006-001446 // CNVD: CNVD-2006-8142 // VULHUB: VHN-21645 // PACKETSTORM: 51318

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2006-8142

AFFECTED PRODUCTS

vendor:d linkmodel:dsl-g624tscope:eqversion:firmware_3.00b01t01.ya_c.2006-06-16

Trust: 1.6

vendor:d linkmodel:dsl-g624tscope:eqversion:firmware 3.00b01t01.ya-c.20060616

Trust: 0.8

vendor:dsl g624tmodel:d-link 3.00b01t01.ya c.2006-06-16scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2006-8142 // JVNDB: JVNDB-2006-001446 // CNNVD: CNNVD-200610-433 // NVD: CVE-2006-5537

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-5537
value: MEDIUM

Trust: 1.0

NVD: CVE-2006-5537
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2006-8142
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-200610-433
value: MEDIUM

Trust: 0.6

VULHUB: VHN-21645
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-5537
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2006-8142
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-21645
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2006-8142 // VULHUB: VHN-21645 // JVNDB: JVNDB-2006-001446 // CNNVD: CNNVD-200610-433 // NVD: CVE-2006-5537

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-5537

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200610-433

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 51318 // CNNVD: CNNVD-200610-433

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2006-001446

PATCH
title:Top Pageurl:http://www.dlink.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2006-001446

EXTERNAL IDS
db:NVDid:CVE-2006-5537
Trust: 3.1
db:SECUNIAid:22524
Trust: 1.8
db:SREASONid:1781
Trust: 1.7
db:VUPENid:ADV-2006-4191
Trust: 1.7
db:JVNDBid:JVNDB-2006-001446
Trust: 0.8
db:CNNVDid:CNNVD-200610-433
Trust: 0.7
db:CNVDid:CNVD-2006-8142
Trust: 0.6
db:BUGTRAQid:20061023 D-LINK DSL-G624T SEVERAL VULNERABILITIES
Trust: 0.6
db:BIDid:83611
Trust: 0.1
db:SEEBUGid:SSVID-83416
Trust: 0.1
db:VULHUBid:VHN-21645
Trust: 0.1
db:PACKETSTORMid:51318
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2006-8142 // 
            
            
            
            VULHUB: VHN-21645 // 
            
            
            
            JVNDB: JVNDB-2006-001446 // 
            
            
            
            PACKETSTORM: 51318 // 
            
            
            
            CNNVD: CNNVD-200610-433 // 
            
            
            
            NVD: CVE-2006-5537

REFERENCES
url:http://www.eazel.es/advisory005-d-link-dsl-g624t-directoy-transversal-xss-cross-site-scripting-directory-listing-vulnerabilities.html
Trust: 1.8
url:http://secunia.com/advisories/22524
Trust: 1.7
url:http://securityreason.com/securityalert/1781
Trust: 1.7
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5537
Trust: 1.4
url:http://www.securityfocus.com/archive/1/449486/100/0/threaded
Trust: 1.1
url:http://www.vupen.com/english/advisories/2006/4191
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5537
Trust: 0.8
url:http://www.securityfocus.com/archive/1/archive/1/449486/100/0/threaded
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2006/4191
Trust: 0.6
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/product/12420/
Trust: 0.1
url:http://secunia.com/hardcore_disassembler_and_reverse_engineer/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/22524/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2006-8142 // 
            
            
            
            VULHUB: VHN-21645 // 
            
            
            
            JVNDB: JVNDB-2006-001446 // 
            
            
            
            PACKETSTORM: 51318 // 
            
            
            
            CNNVD: CNNVD-200610-433 // 
            
            
            
            NVD: CVE-2006-5537

CREDITS
Secunia
Trust: 0.1
sources:
            
            
            PACKETSTORM: 51318

SOURCES
db:CNVDid:CNVD-2006-8142
db:VULHUBid:VHN-21645
db:JVNDBid:JVNDB-2006-001446
db:PACKETSTORMid:51318
db:CNNVDid:CNNVD-200610-433
db:NVDid:CVE-2006-5537

LAST UPDATE DATE
2024-08-14T14:15:39.358000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2006-8142date:2006-10-26T00:00:00
db:VULHUBid:VHN-21645date:2018-10-17T00:00:00
db:JVNDBid:JVNDB-2006-001446date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200610-433date:2006-10-29T00:00:00
db:NVDid:CVE-2006-5537date:2018-10-17T21:43:45.457

SOURCES RELEASE DATE
db:CNVDid:CNVD-2006-8142date:2006-10-26T00:00:00
db:VULHUBid:VHN-21645date:2006-10-26T00:00:00
db:JVNDBid:JVNDB-2006-001446date:2012-06-26T00:00:00
db:PACKETSTORMid:51318date:2006-10-25T19:47:27
db:CNNVDid:CNNVD-200610-433date:2006-10-26T00:00:00
db:NVDid:CVE-2006-5537date:2006-10-26T17:07:00