Details of VAR-201112-0187

ID

VAR-201112-0187

CVE

CVE-2011-4723

TITLE

D-Link DIR-300 Vulnerability to obtain important information in router

Trust: 0.8

sources: JVNDB: JVNDB-2011-003481

DESCRIPTION

The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors. D-Link is a network company founded by Taiwan D-Link Group, dedicated to the R&D, production and marketing of LAN, broadband network, wireless network, voice network and related network equipment. D-Link DIR-300 routers are vulnerable to encryption issues

Trust: 1.8

sources: NVD: CVE-2011-4723 // JVNDB: JVNDB-2011-003481 // VULHUB: VHN-52668 // VULMON: CVE-2011-4723

AFFECTED PRODUCTS

vendor:	d link	model:	dir-300	scope:	-	version:	-	Trust: 1.4
vendor:	dlink	model:	dir-300	scope:	eq	version:	*	Trust: 1.0

sources: JVNDB: JVNDB-2011-003481 // CNNVD: CNNVD-201112-376 // NVD: CVE-2011-4723

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-4723
value:	MEDIUM
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2011-4723
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2011-4723
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201112-376
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-52668
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2011-4723
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2011-4723
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-52668
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2011-4723
baseSeverity:	MEDIUM
baseScore:	5.7
vectorString:	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.1
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-52668 // VULMON: CVE-2011-4723 // JVNDB: JVNDB-2011-003481 // CNNVD: CNNVD-201112-376 // NVD: CVE-2011-4723 // NVD: CVE-2011-4723

PROBLEMTYPE DATA

problemtype:	CWE-310	Trust: 1.9
problemtype:	CWE-312	Trust: 1.0

sources: VULHUB: VHN-52668 // JVNDB: JVNDB-2011-003481 // NVD: CVE-2011-4723

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201112-376

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201112-376

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003481

PATCH

title:	Top Page	url:	http://www.dlink.com	Trust: 0.8
title:	D-Link DIR-300 Repair Measures for Router Encryption Vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=234980	Trust: 0.6
title:	Known Exploited Vulnerabilities Detector	url:	https://github.com/Ostorlab/KEV	Trust: 0.1

sources: VULMON: CVE-2011-4723 // JVNDB: JVNDB-2011-003481 // CNNVD: CNNVD-201112-376

EXTERNAL IDS

db:	NVD	id:	CVE-2011-4723	Trust: 2.6
db:	JVNDB	id:	JVNDB-2011-003481	Trust: 0.8
db:	CNNVD	id:	CNNVD-201112-376	Trust: 0.7
db:	VULHUB	id:	VHN-52668	Trust: 0.1
db:	VULMON	id:	CVE-2011-4723	Trust: 0.1

sources: VULHUB: VHN-52668 // VULMON: CVE-2011-4723 // JVNDB: JVNDB-2011-003481 // CNNVD: CNNVD-201112-376 // NVD: CVE-2011-4723

REFERENCES

url:	http://en.securitylab.ru/lab/pt-2011-30	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4723	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4723	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/310.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/ostorlab/kev	Trust: 0.1

sources: VULHUB: VHN-52668 // VULMON: CVE-2011-4723 // JVNDB: JVNDB-2011-003481 // CNNVD: CNNVD-201112-376 // NVD: CVE-2011-4723

SOURCES

db:	VULHUB	id:	VHN-52668
db:	VULMON	id:	CVE-2011-4723
db:	JVNDB	id:	JVNDB-2011-003481
db:	CNNVD	id:	CNNVD-201112-376
db:	NVD	id:	CVE-2011-4723

LAST UPDATE DATE

2025-02-11T23:12:45.543000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-52668	date:	2011-12-20T00:00:00
db:	VULMON	id:	CVE-2011-4723	date:	2023-04-26T00:00:00
db:	JVNDB	id:	JVNDB-2011-003481	date:	2011-12-21T00:00:00
db:	CNNVD	id:	CNNVD-201112-376	date:	2023-04-27T00:00:00
db:	NVD	id:	CVE-2011-4723	date:	2025-02-10T20:15:32.090

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-52668	date:	2011-12-20T00:00:00
db:	VULMON	id:	CVE-2011-4723	date:	2011-12-20T00:00:00
db:	JVNDB	id:	JVNDB-2011-003481	date:	2011-12-21T00:00:00
db:	CNNVD	id:	CNNVD-201112-376	date:	2011-12-21T00:00:00
db:	NVD	id:	CVE-2011-4723	date:	2011-12-20T11:55:08.413