Details of VAR-201709-0173

ID

VAR-201709-0173

CVE

CVE-2015-1187

TITLE

D-Link and TRENDnet Authentication vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2015-007962

DESCRIPTION

The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp. D-Link and TRENDnet The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The D-Link DIR-636L is a router device. The D-Link DIR636L has remote command injection and verification bypass vulnerabilities that allow an attacker to execute arbitrary commands or bypass the authentication mechanism to fully control the affected device. D-Link DIR-636L is prone to a command-injection vulnerability and an authentication bypass vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. Multiple Dlink products are prone to multiple security vulnerabilities. The ping tool in several D-Link and TRENDnet devices has a security vulnerability. The following products and versions are affected: D-Link DIR-626L (Rev A) Version 1.04b04; D-Link DIR-636L (Rev A) Version 1.04; D-Link DIR-808L (Rev A) Version 1.03b05; D- Link DIR-810L (Rev A) Rev. 1.01b04; D-Link DIR-810L (Rev B) Rev. 2.02b01; D-Link DIR-820L (Rev A) Rev. 1.02B10; D-Link DIR-820L (Rev A) D-Link DIR-820L (Rev B) Rev 2.01b02; D-Link DIR-826L (Rev A) Rev 1.00b23; D-Link DIR-830L (Rev A) Rev 1.00b07; D-Link DIR -836L (Rev A) Version 1.01b03; TRENDnet TEW-731BR (Rev 2) Version 2.01b01

Trust: 2.88

sources: NVD: CVE-2015-1187 // JVNDB: JVNDB-2015-007962 // CNVD: CNVD-2015-01489 // BID: 72848 // BID: 72865 // VULHUB: VHN-79148 // VULMON: CVE-2015-1187

IOT TAXONOMY

category:

['IoT', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-01489

AFFECTED PRODUCTS

vendor:	d link	model:	dir-636l	scope:	-	version:	-	Trust: 1.4
vendor:	dlink	model:	dir-636l	scope:	eq	version:	1.04	Trust: 1.3
vendor:	trendnet	model:	tew-810dr	scope:	eq	version:	1.00	Trust: 1.0
vendor:	trendnet	model:	tew-651br	scope:	eq	version:	-	Trust: 1.0
vendor:	dlink	model:	dir-820l	scope:	eq	version:	1.02	Trust: 1.0
vendor:	dlink	model:	dir-626l	scope:	eq	version:	1.04	Trust: 1.0
vendor:	trendnet	model:	tew-711br	scope:	eq	version:	1.00	Trust: 1.0
vendor:	trendnet	model:	tew-813dru	scope:	eq	version:	1.00	Trust: 1.0
vendor:	trendnet	model:	tew-652br	scope:	eq	version:	-	Trust: 1.0
vendor:	dlink	model:	dir-820l	scope:	eq	version:	2.01	Trust: 1.0
vendor:	trendnet	model:	tew-731br	scope:	eq	version:	2.01	Trust: 1.0
vendor:	dlink	model:	dir-836l	scope:	eq	version:	1.01	Trust: 1.0
vendor:	dlink	model:	dir-810l	scope:	eq	version:	1.01	Trust: 1.0
vendor:	dlink	model:	dir-826l	scope:	eq	version:	1.00	Trust: 1.0
vendor:	dlink	model:	dir-810l	scope:	eq	version:	2.02	Trust: 1.0
vendor:	dlink	model:	dir-830l	scope:	eq	version:	1.00	Trust: 1.0
vendor:	dlink	model:	dir-820l	scope:	eq	version:	1.05	Trust: 1.0
vendor:	dlink	model:	dir-651	scope:	eq	version:	1.10na	Trust: 1.0
vendor:	dlink	model:	dir-808l	scope:	eq	version:	1.03	Trust: 1.0
vendor:	d link	model:	dir-626l	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-651	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-808l	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-810l	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-820l	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-826l	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-830l	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-836l	scope:	-	version:	-	Trust: 0.8
vendor:	trendnet	model:	tew-651br	scope:	-	version:	-	Trust: 0.8
vendor:	trendnet	model:	tew-652br	scope:	-	version:	-	Trust: 0.8
vendor:	trendnet	model:	tew-711br	scope:	-	version:	-	Trust: 0.8
vendor:	trendnet	model:	tew-731br	scope:	-	version:	-	Trust: 0.8
vendor:	trendnet	model:	tew-810dr	scope:	-	version:	-	Trust: 0.8
vendor:	trendnet	model:	tew-813dru	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-820l	scope:	eq	version:	2.01	Trust: 0.6
vendor:	d link	model:	dir-820l	scope:	eq	version:	1.05	Trust: 0.6
vendor:	d link	model:	dir-810l	scope:	eq	version:	2.02	Trust: 0.6
vendor:	d link	model:	dir-810l	scope:	eq	version:	1.01	Trust: 0.6
vendor:	d link	model:	dir-626l	scope:	eq	version:	1.04	Trust: 0.6
vendor:	d link	model:	dir-820l	scope:	eq	version:	1.02	Trust: 0.6
vendor:	d link	model:	dir-830l	scope:	eq	version:	1.00	Trust: 0.6
vendor:	d link	model:	dir-826l	scope:	eq	version:	1.00	Trust: 0.6
vendor:	d link	model:	dir-636l	scope:	eq	version:	0	Trust: 0.3
vendor:	dlink	model:	dir-836l 1.01b03	scope:	-	version:	-	Trust: 0.3
vendor:	dlink	model:	dir-830l 1.00b07	scope:	-	version:	-	Trust: 0.3
vendor:	dlink	model:	dir-826l 1.00b23	scope:	-	version:	-	Trust: 0.3
vendor:	dlink	model:	dir-820l 2.01b02	scope:	-	version:	-	Trust: 0.3
vendor:	dlink	model:	dir-820l 1.05b03	scope:	-	version:	-	Trust: 0.3
vendor:	dlink	model:	dir-810l 2.02b01	scope:	-	version:	-	Trust: 0.3
vendor:	dlink	model:	dir-810l 1.01b04	scope:	-	version:	-	Trust: 0.3
vendor:	dlink	model:	dir-808l 1.03b05	scope:	-	version:	-	Trust: 0.3
vendor:	dlink	model:	dir-626l 1.04b04 beta	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2015-01489 // BID: 72848 // BID: 72865 // JVNDB: JVNDB-2015-007962 // CNNVD: CNNVD-201503-213 // NVD: CVE-2015-1187

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-1187
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2015-1187
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2015-01489
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201503-213
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-79148
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-1187
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-1187
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2015-01489
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-79148
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2015-1187
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2015-1187
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2015-01489 // VULHUB: VHN-79148 // VULMON: CVE-2015-1187 // JVNDB: JVNDB-2015-007962 // CNNVD: CNNVD-201503-213 // NVD: CVE-2015-1187

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.9

sources: VULHUB: VHN-79148 // JVNDB: JVNDB-2015-007962 // NVD: CVE-2015-1187

THREAT TYPE

network

Trust: 0.6

sources: BID: 72848 // BID: 72865

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201503-213

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-007962

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-79148 // VULMON: CVE-2015-1187

PATCH

title:	Top Page	url:	http://us.dlink.com/	Trust: 0.8
title:	Top Page	url:	http://www.trendnet.com/home	Trust: 0.8
title:	The Register	url:	https://www.theregister.co.uk/2015/05/26/new_dns_router_attack/	Trust: 0.2
title:	Known Exploited Vulnerabilities Detector	url:	https://github.com/Ostorlab/KEV	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/exploit-kit-using-csrf-to-redirect-soho-router-dns-settings/112993/	Trust: 0.1

sources: VULMON: CVE-2015-1187 // JVNDB: JVNDB-2015-007962

EXTERNAL IDS

db:	NVD	id:	CVE-2015-1187	Trust: 3.5
db:	BID	id:	72848	Trust: 2.7
db:	DLINK	id:	SAP10052	Trust: 2.1
db:	PACKETSTORM	id:	131465	Trust: 1.8
db:	PACKETSTORM	id:	130607	Trust: 1.8
db:	JVNDB	id:	JVNDB-2015-007962	Trust: 0.8
db:	CNNVD	id:	CNNVD-201503-213	Trust: 0.7
db:	CNVD	id:	CNVD-2015-01489	Trust: 0.6
db:	BID	id:	72865	Trust: 0.3
db:	EXPLOIT-DB	id:	41677	Trust: 0.2
db:	VULHUB	id:	VHN-79148	Trust: 0.1
db:	VULMON	id:	CVE-2015-1187	Trust: 0.1

sources: CNVD: CNVD-2015-01489 // VULHUB: VHN-79148 // VULMON: CVE-2015-1187 // BID: 72848 // BID: 72865 // JVNDB: JVNDB-2015-007962 // CNNVD: CNNVD-201503-213 // NVD: CVE-2015-1187

REFERENCES

url:	http://seclists.org/fulldisclosure/2015/mar/15	Trust: 2.7
url:	https://github.com/darkarnium/secpub/tree/master/multivendor/ncc2	Trust: 2.6
url:	http://securityadvisories.dlink.com/security/publication.aspx?name=sap10052	Trust: 2.1
url:	http://www.securityfocus.com/bid/72848	Trust: 1.9
url:	http://packetstormsecurity.com/files/130607/d-link-dir636l-remote-command-injection.html	Trust: 1.8
url:	http://packetstormsecurity.com/files/131465/d-link-trendnet-ncc-service-command-injection.html	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1187	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1187	Trust: 0.8
url:	http://www.dlink.com/	Trust: 0.3
url:	http://www.dlink.co.in/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/287.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.exploit-db.com/exploits/41677/	Trust: 0.1
url:	https://threatpost.com/exploit-kit-using-csrf-to-redirect-soho-router-dns-settings/112993/	Trust: 0.1

CREDITS

Tiago Caetano Henriques and Stephan Rickauer via Swisscom CSIRT.

Trust: 0.9

sources: BID: 72848 // CNNVD: CNNVD-201503-213

SOURCES

db:	CNVD	id:	CNVD-2015-01489
db:	VULHUB	id:	VHN-79148
db:	VULMON	id:	CVE-2015-1187
db:	BID	id:	72848
db:	BID	id:	72865
db:	JVNDB	id:	JVNDB-2015-007962
db:	CNNVD	id:	CNNVD-201503-213
db:	NVD	id:	CVE-2015-1187

LAST UPDATE DATE

2024-12-20T22:35:02.259000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-01489	date:	2015-03-09T00:00:00
db:	VULHUB	id:	VHN-79148	date:	2017-10-05T00:00:00
db:	VULMON	id:	CVE-2015-1187	date:	2023-11-08T00:00:00
db:	BID	id:	72848	date:	2015-03-02T00:00:00
db:	BID	id:	72865	date:	2015-03-02T00:00:00
db:	JVNDB	id:	JVNDB-2015-007962	date:	2017-10-20T00:00:00
db:	CNNVD	id:	CNNVD-201503-213	date:	2023-04-27T00:00:00
db:	NVD	id:	CVE-2015-1187	date:	2024-12-20T03:42:58.710

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-01489	date:	2015-03-09T00:00:00
db:	VULHUB	id:	VHN-79148	date:	2017-09-21T00:00:00
db:	VULMON	id:	CVE-2015-1187	date:	2017-09-21T00:00:00
db:	BID	id:	72848	date:	2015-03-02T00:00:00
db:	BID	id:	72865	date:	2015-03-02T00:00:00
db:	JVNDB	id:	JVNDB-2015-007962	date:	2017-10-20T00:00:00
db:	CNNVD	id:	CNNVD-201503-213	date:	2015-03-10T00:00:00
db:	NVD	id:	CVE-2015-1187	date:	2017-09-21T16:29:00.147