Sign-up

ID

VAR-202007-0872


CVE

CVE-2020-15633


TITLE

plural D-Link Vulnerability in authentication bypass using alternate path or channel in routers

Trust: 0.8

sources: JVNDB: JVNDB-2020-008738

DESCRIPTION

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.20B10_BETA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP requests. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the router. Was ZDI-CAN-10835. Zero Day Initiative To this vulnerability ZDI-CAN-10835 Was numbered.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. D-Link DIR-878 and D-Link DIR-867 are both wireless routers manufactured by D-Link in Taiwan. DIR-867-US using firmware version 1.20B10 and earlier and DIR-878 using firmware version 1.20B05 and earlier have security loopholes in HNAP request processing, which stems from incorrect string matching logic

Trust: 2.79

sources: NVD: CVE-2020-15633 // JVNDB: JVNDB-2020-008738 // ZDI: ZDI-20-881 // CNVD: CNVD-2020-46228

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-46228

AFFECTED PRODUCTS

vendor:d linkmodel:dir-867scope:lteversion:1.20b10

Trust: 1.0

vendor:d linkmodel:dir-878scope:lteversion:1.20b05

Trust: 1.0

vendor:d linkmodel:dir-882scope:eqversion: -

Trust: 1.0

vendor:d linkmodel:dir-867scope:eqversion:1.20b10_beta

Trust: 0.8

vendor:d linkmodel:dir-878scope:eqversion:1.20b10_beta

Trust: 0.8

vendor:d linkmodel:dir-882scope:eqversion:1.20b10_beta

Trust: 0.8

vendor:d linkmodel:multiple routersscope: - version: -

Trust: 0.7

vendor:d linkmodel:dir-878 <=1.20b05scope: - version: -

Trust: 0.6

vendor:d linkmodel:dir-867-us <=1.20b10scope: - version: -

Trust: 0.6

sources: ZDI: ZDI-20-881 // CNVD: CNVD-2020-46228 // JVNDB: JVNDB-2020-008738 // NVD: CVE-2020-15633

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-15633
value: HIGH

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-15633
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-008738
value: HIGH

Trust: 0.8

ZDI: CVE-2020-15633
value: HIGH

Trust: 0.7

CNVD: CNVD-2020-46228
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202007-1303
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-15633
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-008738
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-46228
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-15633
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-15633
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-008738
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-15633
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-881 // CNVD: CNVD-2020-46228 // JVNDB: JVNDB-2020-008738 // CNNVD: CNNVD-202007-1303 // NVD: CVE-2020-15633 // NVD: CVE-2020-15633

PROBLEMTYPE DATA

problemtype:CWE-288

Trust: 1.8

sources: JVNDB: JVNDB-2020-008738 // NVD: CVE-2020-15633

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202007-1303

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202007-1303

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-008738

PATCH
title:SAP10186url:https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10186
Trust: 1.5
title:Patch for D-Link DIR-867, DIR-878 and DIR-882 authentication bypass vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/230428
Trust: 0.6
title:D-Link DIR-867  and DIR-878 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=124973
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-881 // 
            
            
            
            CNVD: CNVD-2020-46228 // 
            
            
            
            JVNDB: JVNDB-2020-008738 // 
            
            
            
            CNNVD: CNNVD-202007-1303

EXTERNAL IDS
db:NVDid:CVE-2020-15633
Trust: 3.7
db:ZDIid:ZDI-20-881
Trust: 2.9
db:DLINKid:SAP10186
Trust: 1.6
db:JVNDBid:JVNDB-2020-008738
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-10835
Trust: 0.7
db:CNVDid:CNVD-2020-46228
Trust: 0.6
db:NSFOCUSid:47652
Trust: 0.6
db:CNNVDid:CNNVD-202007-1303
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-881 // 
            
            
            
            CNVD: CNVD-2020-46228 // 
            
            
            
            JVNDB: JVNDB-2020-008738 // 
            
            
            
            CNNVD: CNNVD-202007-1303 // 
            
            
            
            NVD: CVE-2020-15633

REFERENCES
url:https://www.zerodayinitiative.com/advisories/zdi-20-881/
Trust: 2.8
url:https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10186
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2020-15633
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-15633
Trust: 0.8
url:http://www.nsfocus.net/vulndb/47652
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-881 // 
            
            
            
            CNVD: CNVD-2020-46228 // 
            
            
            
            JVNDB: JVNDB-2020-008738 // 
            
            
            
            CNNVD: CNNVD-202007-1303 // 
            
            
            
            NVD: CVE-2020-15633

CREDITS
chung96vn of Vietnam Cyber Security Center
Trust: 1.3
sources:
            
            
            ZDI: ZDI-20-881 // 
            
            
            
            CNNVD: CNNVD-202007-1303

SOURCES
db:ZDIid:ZDI-20-881
db:CNVDid:CNVD-2020-46228
db:JVNDBid:JVNDB-2020-008738
db:CNNVDid:CNNVD-202007-1303
db:NVDid:CVE-2020-15633

LAST UPDATE DATE
2024-11-23T22:05:34.330000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-881date:2020-07-20T00:00:00
db:CNVDid:CNVD-2020-46228date:2020-08-15T00:00:00
db:JVNDBid:JVNDB-2020-008738date:2020-09-23T00:00:00
db:CNNVDid:CNNVD-202007-1303date:2020-08-12T00:00:00
db:NVDid:CVE-2020-15633date:2024-11-21T05:05:54.503

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-881date:2020-07-20T00:00:00
db:CNVDid:CNVD-2020-46228date:2020-08-15T00:00:00
db:JVNDBid:JVNDB-2020-008738date:2020-09-23T00:00:00
db:CNNVDid:CNNVD-202007-1303date:2020-07-20T00:00:00
db:NVDid:CVE-2020-15633date:2020-07-23T21:15:12.033