Details of VAR-201907-1068

ID

VAR-201907-1068

CVE

CVE-2017-8408

TITLE

D-Link DCS-1130 Command Injection Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2019-21080 // CNNVD: CNNVD-201907-126

DESCRIPTION

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request (to test if SMB credentials and hostname sent to the device work properly) result in being passed as commands to a "system" API in the function and thus result in command injection on the device. If the firmware version is dissected using binwalk tool, we obtain a cramfs-root archive which contains the filesystem set up on the device that contains all the binaries. The binary "cgibox" is the one that has the vulnerable function "sub_7EAFC" that receives the values sent by the GET request. If we open this binary in IDA-pro we will notice that this follows a ARM little endian format. The function sub_7EAFC in IDA pro is identified to be receiving the values sent in the GET request and the value set in GET parameter "user" is extracted in function sub_7E49C which is then passed to the vulnerable system API call. D-Link DCS-1130 The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDCS-1130 is a network camera of D-Link Corporation of Taiwan, China. There is a command injection vulnerability in the Recorder function in D-LinkDCS-1130. An attacker could exploit the vulnerability to control the device as an admin user and execute arbitrary code. This vulnerability stems from the fact that the network system or product does not correctly filter special elements in the process of constructing executable commands from external input data

Trust: 2.34

sources: NVD: CVE-2017-8408 // JVNDB: JVNDB-2017-014550 // CNVD: CNVD-2019-21080 // VULHUB: VHN-116611 // VULMON: CVE-2017-8408

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-21080

AFFECTED PRODUCTS

vendor:	d link	model:	dcs-1130	scope:	-	version:	-	Trust: 1.4
vendor:	dlink	model:	dcs-1130	scope:	eq	version:	-	Trust: 1.0

sources: CNVD: CNVD-2019-21080 // JVNDB: JVNDB-2017-014550 // NVD: CVE-2017-8408

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-8408
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-8408
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2019-21080
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201907-126
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-116611
value:	HIGH
Trust: 0.1
VULMON:	CVE-2017-8408
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-8408
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2019-21080
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-116611
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-8408
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2019-21080 // VULHUB: VHN-116611 // VULMON: CVE-2017-8408 // JVNDB: JVNDB-2017-014550 // CNNVD: CNNVD-201907-126 // NVD: CVE-2017-8408

PROBLEMTYPE DATA

problemtype:

CWE-77

Trust: 1.9

sources: VULHUB: VHN-116611 // JVNDB: JVNDB-2017-014550 // NVD: CVE-2017-8408

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201907-126

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-201907-126

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-014550

PATCH

title:	DCS-1130	url:	https://eu.dlink.com/uk/en/products/dcs-1130-wireless-n-network-camera	Trust: 0.8
title:	IoT_vulnerabilities	url:	https://github.com/ethanhunnt/IoT_vulnerabilities	Trust: 0.1

sources: VULMON: CVE-2017-8408 // JVNDB: JVNDB-2017-014550

EXTERNAL IDS

db:	NVD	id:	CVE-2017-8408	Trust: 3.3
db:	JVNDB	id:	JVNDB-2017-014550	Trust: 0.8
db:	CNNVD	id:	CNNVD-201907-126	Trust: 0.7
db:	CNVD	id:	CNVD-2019-21080	Trust: 0.6
db:	VULHUB	id:	VHN-116611	Trust: 0.1
db:	VULMON	id:	CVE-2017-8408	Trust: 0.1
db:	PACKETSTORM	id:	153226	Trust: 0.1

sources: CNVD: CNVD-2019-21080 // VULHUB: VHN-116611 // VULMON: CVE-2017-8408 // JVNDB: JVNDB-2017-014550 // PACKETSTORM: 153226 // CNNVD: CNNVD-201907-126 // NVD: CVE-2017-8408

REFERENCES

url:	https://github.com/ethanhunnt/iot_vulnerabilities/blob/master/dlink_dcs_1130_security.pdf	Trust: 3.2
url:	https://seclists.org/bugtraq/2019/jun/8	Trust: 2.4
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8408	Trust: 1.5
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8408	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/77.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/ethanhunnt/iot_vulnerabilities	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8413	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8405	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8406	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8410	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8412	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8409	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8415	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8417	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8404	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8416	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8411	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8414	Trust: 0.1

CREDITS

Mandar Satam

Trust: 0.1

sources: PACKETSTORM: 153226

SOURCES

db:	CNVD	id:	CNVD-2019-21080
db:	VULHUB	id:	VHN-116611
db:	VULMON	id:	CVE-2017-8408
db:	JVNDB	id:	JVNDB-2017-014550
db:	PACKETSTORM	id:	153226
db:	CNNVD	id:	CNNVD-201907-126
db:	NVD	id:	CVE-2017-8408

LAST UPDATE DATE

2024-11-23T21:37:04.573000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-21080	date:	2019-07-04T00:00:00
db:	VULHUB	id:	VHN-116611	date:	2019-07-08T00:00:00
db:	VULMON	id:	CVE-2017-8408	date:	2023-04-26T00:00:00
db:	JVNDB	id:	JVNDB-2017-014550	date:	2019-07-09T00:00:00
db:	CNNVD	id:	CNNVD-201907-126	date:	2019-07-09T00:00:00
db:	NVD	id:	CVE-2017-8408	date:	2024-11-21T03:33:58.673

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-21080	date:	2019-07-04T00:00:00
db:	VULHUB	id:	VHN-116611	date:	2019-07-02T00:00:00
db:	VULMON	id:	CVE-2017-8408	date:	2019-07-02T00:00:00
db:	JVNDB	id:	JVNDB-2017-014550	date:	2019-07-09T00:00:00
db:	PACKETSTORM	id:	153226	date:	2019-06-07T15:06:02
db:	CNNVD	id:	CNNVD-201907-126	date:	2019-07-02T00:00:00
db:	NVD	id:	CVE-2017-8408	date:	2019-07-02T16:15:11.643