Sign-up

ID

VAR-201907-1070


CVE

CVE-2017-8410


TITLE

D-Link DCS-1100 and D-Link DCS-1130 Buffer Error Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2019-21250 // CNNVD: CNNVD-201907-125

DESCRIPTION

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary performs a memcpy operation at address 0x00011E34 with the value sent in the "Authorization: Basic" RTSP header and stores it on the stack. The number of bytes to be copied are calculated based on the length of the string sent in the RTSP header by the client. As a result, memcpy copies more data then it can hold on stack and this results in corrupting the registers for the caller function sub_F6CC which results in memory corruption. The severity of this attack is enlarged by the fact that the same value is then copied on the stack in the function 0x00011378 and this allows to overflow the buffer allocated and thus control the PC register which will result in arbitrary code execution on the device. D-Link DCS-1100 and DCS-1130 The device contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The D-LinkDCS-1100 and D-LinkDCS-1130 are both network cameras from D-Link Corporation of Taiwan, China. A buffer error vulnerability exists in the RTSPD in the D-LinkDCS-1100 and DCS-1130. The attacker can use this vulnerability to fully control the device and view images taken by the camera. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc

Trust: 2.34

sources: NVD: CVE-2017-8410 // JVNDB: JVNDB-2017-014554 // CNVD: CNVD-2019-21250 // VULHUB: VHN-116613 // VULMON: CVE-2017-8410

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-21250

AFFECTED PRODUCTS

vendor:d linkmodel:dcs-1130scope: - version: -

Trust: 1.4

vendor:d linkmodel:dcs-1100scope: - version: -

Trust: 1.4

vendor:dlinkmodel:dcs-1130scope:eqversion: -

Trust: 1.0

vendor:dlinkmodel:dcs-1100scope:eqversion: -

Trust: 1.0

sources: CNVD: CNVD-2019-21250 // JVNDB: JVNDB-2017-014554 // NVD: CVE-2017-8410

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-8410
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-8410
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2019-21250
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201907-125
value: CRITICAL

Trust: 0.6

VULHUB: VHN-116613
value: HIGH

Trust: 0.1

VULMON: CVE-2017-8410
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-8410
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2019-21250
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-116613
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-8410
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2017-8410
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2019-21250 // VULHUB: VHN-116613 // VULMON: CVE-2017-8410 // JVNDB: JVNDB-2017-014554 // CNNVD: CNNVD-201907-125 // NVD: CVE-2017-8410

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-116613 // JVNDB: JVNDB-2017-014554 // NVD: CVE-2017-8410

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201907-125

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201907-125

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014554

PATCH
title:Top Pageurl:https://www.dlink.com/en/consumer
Trust: 0.8
title:IoT_vulnerabilitiesurl:https://github.com/ethanhunnt/IoT_vulnerabilities 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2017-8410 // 
            
            
            
            JVNDB: JVNDB-2017-014554

EXTERNAL IDS
db:NVDid:CVE-2017-8410
Trust: 3.3
db:PACKETSTORMid:153226
Trust: 2.5
db:JVNDBid:JVNDB-2017-014554
Trust: 0.8
db:CNNVDid:CNNVD-201907-125
Trust: 0.7
db:CNVDid:CNVD-2019-21250
Trust: 0.6
db:VULHUBid:VHN-116613
Trust: 0.1
db:VULMONid:CVE-2017-8410
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-21250 // 
            
            
            
            VULHUB: VHN-116613 // 
            
            
            
            VULMON: CVE-2017-8410 // 
            
            
            
            JVNDB: JVNDB-2017-014554 // 
            
            
            
            PACKETSTORM: 153226 // 
            
            
            
            CNNVD: CNNVD-201907-125 // 
            
            
            
            NVD: CVE-2017-8410

REFERENCES
url:https://github.com/ethanhunnt/iot_vulnerabilities/blob/master/dlink_dcs_1130_security.pdf
Trust: 3.2
url:http://packetstormsecurity.com/files/153226/dlink-dcs-1130-command-injection-csrf-stack-overflow.html
Trust: 3.0
url:https://seclists.org/bugtraq/2019/jun/8
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2017-8410
Trust: 1.5
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8410
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/ethanhunnt/iot_vulnerabilities
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8408
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8413
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8405
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8406
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8412
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8409
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8415
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8417
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8404
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8416
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8411
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8407
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8414
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-21250 // 
            
            
            
            VULHUB: VHN-116613 // 
            
            
            
            VULMON: CVE-2017-8410 // 
            
            
            
            JVNDB: JVNDB-2017-014554 // 
            
            
            
            PACKETSTORM: 153226 // 
            
            
            
            CNNVD: CNNVD-201907-125 // 
            
            
            
            NVD: CVE-2017-8410

CREDITS
Mandar Satam
Trust: 0.1
sources:
            
            
            PACKETSTORM: 153226

SOURCES
db:CNVDid:CNVD-2019-21250
db:VULHUBid:VHN-116613
db:VULMONid:CVE-2017-8410
db:JVNDBid:JVNDB-2017-014554
db:PACKETSTORMid:153226
db:CNNVDid:CNNVD-201907-125
db:NVDid:CVE-2017-8410

LAST UPDATE DATE
2024-11-23T21:37:04.651000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-21250date:2019-07-04T00:00:00
db:VULHUBid:VHN-116613date:2019-07-09T00:00:00
db:VULMONid:CVE-2017-8410date:2021-04-26T00:00:00
db:JVNDBid:JVNDB-2017-014554date:2019-07-10T00:00:00
db:CNNVDid:CNNVD-201907-125date:2021-04-27T00:00:00
db:NVDid:CVE-2017-8410date:2024-11-21T03:33:59

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-21250date:2019-07-04T00:00:00
db:VULHUBid:VHN-116613date:2019-07-02T00:00:00
db:VULMONid:CVE-2017-8410date:2019-07-02T00:00:00
db:JVNDBid:JVNDB-2017-014554date:2019-07-10T00:00:00
db:PACKETSTORMid:153226date:2019-06-07T15:06:02
db:CNNVDid:CNNVD-201907-125date:2019-07-02T00:00:00
db:NVDid:CVE-2017-8410date:2019-07-02T20:15:11.120