Details of VAR-202102-0334

ID

VAR-202102-0334

CVE

CVE-2020-27863

TITLE

D-Link DVA-2800 and DSL-2888A Authentication vulnerabilities in routers

Trust: 0.8

sources: JVNDB: JVNDB-2020-015976

DESCRIPTION

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-10912. Zero Day Initiative To this vulnerability ZDI-CAN-10912 Was numbered.Information may be obtained

Trust: 2.25

sources: NVD: CVE-2020-27863 // JVNDB: JVNDB-2020-015976 // ZDI: ZDI-20-1427

AFFECTED PRODUCTS

vendor:	dlink	model:	dsl-2888a	scope:	eq	version:	2.30_au	Trust: 1.0
vendor:	dlink	model:	dva-2800	scope:	eq	version:	2.30_au	Trust: 1.0
vendor:	d link	model:	dsl-2888a	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dva-2800	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	multiple routers	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-20-1427 // JVNDB: JVNDB-2020-015976 // NVD: CVE-2020-27863

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-27863
value:	MEDIUM
Trust: 1.0
zdi-disclosures@trendmicro.com:	CVE-2020-27863
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-27863
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2020-27863
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-202102-1078
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2020-27863
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

zdi-disclosures@trendmicro.com:	CVE-2020-27863
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2020-27863
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
ZDI:	CVE-2020-27863
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-20-1427 // JVNDB: JVNDB-2020-015976 // CNNVD: CNNVD-202102-1078 // NVD: CVE-2020-27863 // NVD: CVE-2020-27863

PROBLEMTYPE DATA

problemtype:	CWE-288	Trust: 1.0
problemtype:	CWE-287	Trust: 1.0
problemtype:	Improper authentication (CWE-287) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-015976 // NVD: CVE-2020-27863

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202102-1078

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202102-1078

PATCH

title:	dhttpd Authentication Bypass Vulnerability	url:	https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10196	Trust: 1.5
title:	TCP Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142365	Trust: 0.6

sources: ZDI: ZDI-20-1427 // JVNDB: JVNDB-2020-015976 // CNNVD: CNNVD-202102-1078

EXTERNAL IDS

db:	NVD	id:	CVE-2020-27863	Trust: 3.1
db:	ZDI	id:	ZDI-20-1427	Trust: 3.1
db:	DLINK	id:	SAP10196	Trust: 1.6
db:	JVNDB	id:	JVNDB-2020-015976	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-10912	Trust: 0.7
db:	CNNVD	id:	CNNVD-202102-1078	Trust: 0.6

sources: ZDI: ZDI-20-1427 // JVNDB: JVNDB-2020-015976 // CNNVD: CNNVD-202102-1078 // NVD: CVE-2020-27863

REFERENCES

url:	https://www.zerodayinitiative.com/advisories/zdi-20-1427/	Trust: 2.4
url:	https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10196	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27863	Trust: 1.4

sources: ZDI: ZDI-20-1427 // JVNDB: JVNDB-2020-015976 // CNNVD: CNNVD-202102-1078 // NVD: CVE-2020-27863

CREDITS

chung96vn ft Hoang Le (phieulang)

Trust: 0.7

sources: ZDI: ZDI-20-1427

SOURCES

db:	ZDI	id:	ZDI-20-1427
db:	JVNDB	id:	JVNDB-2020-015976
db:	CNNVD	id:	CNNVD-202102-1078
db:	NVD	id:	CVE-2020-27863

LAST UPDATE DATE

2024-11-23T22:20:52.995000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-20-1427	date:	2021-09-27T00:00:00
db:	JVNDB	id:	JVNDB-2020-015976	date:	2021-10-28T08:42:00
db:	CNNVD	id:	CNNVD-202102-1078	date:	2021-03-19T00:00:00
db:	NVD	id:	CVE-2020-27863	date:	2024-11-21T05:21:57.347

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-20-1427	date:	2020-12-15T00:00:00
db:	JVNDB	id:	JVNDB-2020-015976	date:	2021-10-28T00:00:00
db:	CNNVD	id:	CNNVD-202102-1078	date:	2021-02-11T00:00:00
db:	NVD	id:	CVE-2020-27863	date:	2021-02-12T00:15:12.657