Details of VAR-201608-0074

ID

VAR-201608-0074

CVE

CVE-2016-5681

TITLE

D-Link routers contain buffer overflow vulnerability

Trust: 0.8

sources: CERT/CC: VU#332115

DESCRIPTION

D-Link Multiple router products offered by have a stack-based buffer overflow vulnerability. Stack-based buffer overflow (CWE-121) - CVE-2016-5681 program cgibin There is a stack-based buffer overflow in the process of validating the session cookie contained in the function in. this function is, WAN Side interface 8181/tcp It is also used in the service that waits at. CWE-121: Stack-based Buffer Overflow https://cwe.mitre.org/data/definitions/121.htmlArbitrary code could be executed by processing a crafted request. D-LinkDIR-895L is a wireless router from D-Link. The following products and versions are affected: D-Link DIR-850L B1 Version 2.07 prior to 2.07WWB05, DIR-817 Ax, DIR-818LW Bx Version 2.05b03beta03 prior, DIR-822 C1 Version 3.01 prior to 3.01WWb02, DIR-823 A1 version 1.00 before 1.00WWb05, DIR-895L A1 version 1.11 before 1.11WWb04, DIR-890L A1 version 1.09 before 1.09b14, DIR-885L A1 version 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08 Version, version 2.03 before DIR-868L B1 2.03WWb01, version 3.00 before DIR-868L C1 3.00WWb01

Trust: 2.34

sources: CERT/CC: VU#332115 // JVNDB: JVNDB-2016-004310 // CNVD: CNVD-2016-06383 // BID: 92427 // VULHUB: VHN-94500

IOT TAXONOMY

category:

['IoT', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-06383

AFFECTED PRODUCTS

vendor:	d link	model:	dir-895l	scope:	lte	version:	1.11	Trust: 1.0
vendor:	dlink	model:	dir-868l	scope:	lte	version:	3.00	Trust: 1.0
vendor:	d link	model:	dir-850l firmare	scope:	lte	version:	2.07	Trust: 1.0
vendor:	d link	model:	dir-885l	scope:	lte	version:	1.11	Trust: 1.0
vendor:	d link	model:	dir-817l\	scope:	lte	version:	jul.2016	Trust: 1.0
vendor:	dlink	model:	dir-868l	scope:	lte	version:	2.03	Trust: 1.0
vendor:	d link	model:	dir-890l	scope:	lte	version:	1.09	Trust: 1.0
vendor:	dlink	model:	dir-822	scope:	eq	version:	3.01	Trust: 1.0
vendor:	d link	model:	dir-818l\	scope:	lte	version:	2.05	Trust: 1.0
vendor:	d link	model:	dir-823	scope:	lte	version:	1.00	Trust: 1.0
vendor:	d link	model:	dir-880l	scope:	lte	version:	1.07	Trust: 1.0
vendor:	d link	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-817l	scope:	eq	version:	rev. ax	Trust: 0.8
vendor:	d link	model:	dir-818l	scope:	eq	version:	rev. ax	Trust: 0.8
vendor:	d link	model:	dir-822	scope:	eq	version:	rev. a1	Trust: 0.8
vendor:	d link	model:	dir-822	scope:	lt	version:	official fw v3.01 (v3.01wwb02) earlier	Trust: 0.8
vendor:	d link	model:	dir-823	scope:	eq	version:	rev. a1	Trust: 0.8
vendor:	d link	model:	dir-823	scope:	lt	version:	official fw v1.00 (v1.00wwb05) earlier	Trust: 0.8
vendor:	d link	model:	dir-850l	scope:	eq	version:	rev. b1	Trust: 0.8
vendor:	d link	model:	dir-850l	scope:	lt	version:	official fw v2.07 (v2.07wwb05) earlier	Trust: 0.8
vendor:	d link	model:	dir-868l	scope:	eq	version:	rev. b1	Trust: 0.8
vendor:	d link	model:	dir-868l	scope:	lt	version:	official fw v2.03 (v2.03wwb01) earlier	Trust: 0.8
vendor:	d link	model:	dir-868l	scope:	eq	version:	rev. c1	Trust: 0.8
vendor:	d link	model:	dir-868l	scope:	lt	version:	official fw v3.00 (v3.00wwb01) earlier	Trust: 0.8
vendor:	d link	model:	dir-880l	scope:	eq	version:	rev. a1	Trust: 0.8
vendor:	d link	model:	dir-880l	scope:	lt	version:	official fw v1.07 (v1.07wwb08) earlier	Trust: 0.8
vendor:	d link	model:	dir-885l	scope:	eq	version:	rev. a1	Trust: 0.8
vendor:	d link	model:	dir-885l	scope:	lt	version:	official fw v1.11 (v1.11wwb07) earlier	Trust: 0.8
vendor:	d link	model:	dir-890l	scope:	eq	version:	rev a1	Trust: 0.8
vendor:	d link	model:	dir-890l	scope:	lt	version:	official fw v1.09 (v1.09b14) earlier	Trust: 0.8
vendor:	d link	model:	dir-895l	scope:	eq	version:	rev. a1	Trust: 0.8
vendor:	d link	model:	dir-895l	scope:	lt	version:	official fw v1.11 (v1.11wwb04) earlier	Trust: 0.8
vendor:	d link	model:	router	scope:	-	version:	-	Trust: 0.6
vendor:	d link	model:	dir-880l	scope:	eq	version:	1.07	Trust: 0.6
vendor:	d link	model:	dir-868l	scope:	eq	version:	2.03	Trust: 0.6
vendor:	d link	model:	dir-818l\	scope:	eq	version:	2.05	Trust: 0.6
vendor:	d link	model:	dir-817l\	scope:	eq	version:	jul.2016	Trust: 0.6
vendor:	d link	model:	dir-868l	scope:	eq	version:	3.00	Trust: 0.6
vendor:	d link	model:	dir-885l	scope:	eq	version:	1.11	Trust: 0.6
vendor:	d link	model:	dir-850l firmare	scope:	eq	version:	2.07	Trust: 0.6
vendor:	d link	model:	dir-895l	scope:	eq	version:	1.11	Trust: 0.6
vendor:	d link	model:	dir-890l	scope:	eq	version:	1.09	Trust: 0.6
vendor:	d link	model:	dir-823	scope:	eq	version:	1.00	Trust: 0.6
vendor:	d link	model:	dir-895l a1	scope:	eq	version:	0	Trust: 0.3
vendor:	d link	model:	dir-890l a1	scope:	eq	version:	0	Trust: 0.3
vendor:	d link	model:	dir-885l a1	scope:	eq	version:	0	Trust: 0.3
vendor:	d link	model:	dir-880l a1	scope:	eq	version:	0	Trust: 0.3
vendor:	d link	model:	dir-868l b1	scope:	eq	version:	0	Trust: 0.3
vendor:	d link	model:	dir-850l b1	scope:	eq	version:	0	Trust: 0.3
vendor:	d link	model:	dir-823 a1	scope:	eq	version:	0	Trust: 0.3
vendor:	d link	model:	dir-822 a1	scope:	eq	version:	0	Trust: 0.3
vendor:	d link	model:	dir-818l	scope:	eq	version:	0	Trust: 0.3
vendor:	d link	model:	dir-817l	scope:	eq	version:	0	Trust: 0.3

sources: CERT/CC: VU#332115 // CNVD: CNVD-2016-06383 // BID: 92427 // JVNDB: JVNDB-2016-004310 // CNNVD: CNNVD-201608-243 // NVD: CVE-2016-5681

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-5681
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2016-5681
value:	HIGH
Trust: 0.8
NVD:	CVE-2016-5681
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2016-06383
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201608-243
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-94500
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-5681
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
NVD:	CVE-2016-5681
severity:	HIGH
baseScore:	9.3
vectorString:	NONE
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2016-06383
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-94500
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-5681
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2016-5681
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CERT/CC: VU#332115 // CNVD: CNVD-2016-06383 // VULHUB: VHN-94500 // JVNDB: JVNDB-2016-004310 // CNNVD: CNNVD-201608-243 // NVD: CVE-2016-5681

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.9
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-94500 // JVNDB: JVNDB-2016-004310 // NVD: CVE-2016-5681

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201608-243

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201608-243

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004310

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#332115

PATCH

title:	SAP10063:CVE-2016-5681 - VU#332115 - Some D-Link routers are vulnerable to buffer overflow exploit.	url:	http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10063	Trust: 0.8
title:	Technical Support	url:	http://support.dlink.com/	Trust: 0.8
title:	Patches for multiple D-LinkRouters stack buffer overflow vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/80487	Trust: 0.6
title:	Multiple D-Link Routers Fixes for stack-based buffer overflow vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=63628	Trust: 0.6

sources: CNVD: CNVD-2016-06383 // JVNDB: JVNDB-2016-004310 // CNNVD: CNNVD-201608-243

EXTERNAL IDS

db:	CERT/CC	id:	VU#332115	Trust: 3.6
db:	NVD	id:	CVE-2016-5681	Trust: 3.4
db:	BID	id:	92427	Trust: 2.6
db:	DLINK	id:	SAP10063	Trust: 2.5
db:	JVN	id:	JVNVU94906777	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-004310	Trust: 0.8
db:	CNNVD	id:	CNNVD-201608-243	Trust: 0.7
db:	CNVD	id:	CNVD-2016-06383	Trust: 0.6
db:	VULHUB	id:	VHN-94500	Trust: 0.1

sources: CERT/CC: VU#332115 // CNVD: CNVD-2016-06383 // VULHUB: VHN-94500 // BID: 92427 // JVNDB: JVNDB-2016-004310 // CNNVD: CNNVD-201608-243 // NVD: CVE-2016-5681

REFERENCES

url:	http://www.kb.cert.org/vuls/id/332115	Trust: 2.8
url:	http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10063	Trust: 2.5
url:	http://www.securityfocus.com/bid/92427	Trust: 2.3
url:	https://cwe.mitre.org/data/definitions/121.html	Trust: 0.8
url:	http://support.dlink.com/	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5681	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu94906777	Trust: 0.8
url:	https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5681	Trust: 0.8
url:	http://www.dlink.com/	Trust: 0.3

sources: CERT/CC: VU#332115 // CNVD: CNVD-2016-06383 // VULHUB: VHN-94500 // BID: 92427 // JVNDB: JVNDB-2016-004310 // CNNVD: CNNVD-201608-243 // NVD: CVE-2016-5681

CREDITS

Daniel Romero.

Trust: 0.9

sources: BID: 92427 // CNNVD: CNNVD-201608-243

SOURCES

db:	CERT/CC	id:	VU#332115
db:	CNVD	id:	CNVD-2016-06383
db:	VULHUB	id:	VHN-94500
db:	BID	id:	92427
db:	JVNDB	id:	JVNDB-2016-004310
db:	CNNVD	id:	CNNVD-201608-243
db:	NVD	id:	CVE-2016-5681

LAST UPDATE DATE

2024-11-23T22:34:49.123000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#332115	date:	2016-08-12T00:00:00
db:	CNVD	id:	CNVD-2016-06383	date:	2016-08-17T00:00:00
db:	VULHUB	id:	VHN-94500	date:	2016-11-28T00:00:00
db:	BID	id:	92427	date:	2016-08-11T00:00:00
db:	JVNDB	id:	JVNDB-2016-004310	date:	2016-08-29T00:00:00
db:	CNNVD	id:	CNNVD-201608-243	date:	2023-04-27T00:00:00
db:	NVD	id:	CVE-2016-5681	date:	2024-11-21T02:54:48.910

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#332115	date:	2016-08-11T00:00:00
db:	CNVD	id:	CNVD-2016-06383	date:	2016-08-16T00:00:00
db:	VULHUB	id:	VHN-94500	date:	2016-08-25T00:00:00
db:	BID	id:	92427	date:	2016-08-11T00:00:00
db:	JVNDB	id:	JVNDB-2016-004310	date:	2016-08-15T00:00:00
db:	CNNVD	id:	CNNVD-201608-243	date:	2016-08-12T00:00:00
db:	NVD	id:	CVE-2016-5681	date:	2016-08-25T21:59:04.150