Search

Find a vulnerability

Search criteria

    36 vulnerabilities found for dap-2020_firmware by dlink

    CVE-2023-32146 (GCVE-0-2023-32146)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2025-02-05 20:40
    VLAI
    Title
    D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /cgi-bin/webproc endpoint. When parsing the errorpage and nextpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18746.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    dlink dap-1360 Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "dlink",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32146",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T17:29:14.430443Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-121",
                    "description": "CWE-121 Stack-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T20:40:39.745Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:28.933Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-538",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-538/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.989Z",
          "datePublic": "2023-05-04T22:15:48.040Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the /cgi-bin/webproc endpoint. When parsing the errorpage and nextpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18746."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:14.151Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-538",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-538/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Dmitry \"InfoSecDJ\" Janushkevich of Trend Micro Zero Day Initiative"
          },
          "title": "D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32146",
        "datePublished": "2024-05-03T01:56:31.665Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2025-02-05T20:40:39.745Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32145 (GCVE-0-2023-32145)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability
    Summary
    D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the web-based user interface. The firmware contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication on the system. . Was ZDI-CAN-18455.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-259 - Use of Hard-coded Password
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360 Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32145",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-03T17:18:28.056019Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:26:13.942Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.212Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-537",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-537/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.983Z",
          "datePublic": "2023-05-04T22:15:41.674Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of login requests to the web-based user interface. The firmware contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-18455."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-259",
                  "description": "CWE-259: Use of Hard-coded Password",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:13.398Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-537",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-537/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32145",
        "datePublished": "2024-05-03T01:56:30.792Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2024-09-18T18:28:13.398Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32144 (GCVE-0-2023-32144)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18454.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    dlink dap-1360_firmware Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:o:dlink:dap-1360_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:dlink:dap-1360_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360_firmware",
                "vendor": "dlink",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32144",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-05T17:21:00.390076Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T17:22:52.418Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.178Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-536",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-536/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.977Z",
          "datePublic": "2023-05-04T22:15:31.164Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18454."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:12.699Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-536",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-536/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32144",
        "datePublished": "2024-05-03T01:56:30.085Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2024-09-18T18:28:12.699Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32143 (GCVE-0-2023-32143)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2025-02-05 20:43
    VLAI
    Title
    D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18423.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-197 - Numeric Truncation Error
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    dlink dap-1360 Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "dlink",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32143",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T17:24:11.124261Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-197",
                    "description": "CWE-197 Numeric Truncation Error",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T20:43:14.759Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.243Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-535",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-535/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.971Z",
          "datePublic": "2023-05-04T22:15:25.620Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18423."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-197",
                  "description": "CWE-197: Numeric Truncation Error",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:11.976Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-535",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-535/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32143",
        "datePublished": "2024-05-03T01:56:29.312Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2025-02-05T20:43:14.759Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32142 (GCVE-0-2023-32142)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the var:page parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18422.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360f1_firmware Affected: R.47.0.0 AutoCAD 2021
    Affected: R.47.0.0 AutoCAD LT 2021
        cpe:2.3:h:d-link:dap-1360f1_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360f1_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360f1_firmware",
                "vendor": "d-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "R.47.0.0 AutoCAD 2021"
                  },
                  {
                    "status": "affected",
                    "version": "R.47.0.0 AutoCAD LT 2021"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32142",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-11T17:31:28.943059Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-11T17:46:15.813Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.227Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-534",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-534/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.965Z",
          "datePublic": "2023-05-04T22:15:20.106Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the var:page parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18422."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:11.192Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-534",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-534/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32142",
        "datePublished": "2024-05-03T01:56:28.550Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2024-09-18T18:28:11.192Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32141 (GCVE-0-2023-32141)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the getpage and errorpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18419.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360 Affected: 0 , ≤ 6.14b01 (custom)
        cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link dap-2020 Affected: 0 , ≤ 1.03b01 (custom)
        cpe:2.3:h:d-link:dap-2020:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-2020:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-2020",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "1.03b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32141",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-08T17:53:07.699942Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T19:35:45.730Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.144Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-533",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-533/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.958Z",
          "datePublic": "2023-05-04T22:15:11.694Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the getpage and errorpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18419."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:10.492Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-533",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-533/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32141",
        "datePublished": "2024-05-03T01:56:27.792Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2024-09-18T18:28:10.492Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32140 (GCVE-0-2023-32140)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2025-02-05 20:46
    VLAI
    Title
    D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:sys_Token parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18418.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    dlink dap-1360 Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "dlink",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32140",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T17:15:13.341341Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-121",
                    "description": "CWE-121 Stack-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T20:46:14.766Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.168Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-532",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-532/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.952Z",
          "datePublic": "2023-05-04T22:15:02.754Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:sys_Token parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18418."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:09.741Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-532",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-532/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32140",
        "datePublished": "2024-05-03T01:56:27.034Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2025-02-05T20:46:14.766Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32139 (GCVE-0-2023-32139)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18417.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360 Affected: -
        cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "d-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32139",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-07T19:43:13.679882Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:26:10.088Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.159Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-531",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-531/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.946Z",
          "datePublic": "2023-05-04T22:14:56.532Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18417."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:08.994Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-531",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-531/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32139",
        "datePublished": "2024-05-03T01:56:26.198Z",
        "dateReserved": "2023-05-03T20:10:47.058Z",
        "dateUpdated": "2024-09-18T18:28:08.994Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32138 (GCVE-0-2023-32138)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18416.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360 Affected: -
        cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "d-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32138",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-16T17:35:00.512734Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:26:06.642Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.270Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-530",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-530/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.940Z",
          "datePublic": "2023-05-04T22:14:43.040Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18416."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:08.264Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-530",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-530/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32138",
        "datePublished": "2024-05-03T01:56:25.440Z",
        "dateReserved": "2023-05-03T20:10:47.058Z",
        "dateUpdated": "2024-09-18T18:28:08.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32137 (GCVE-0-2023-32137)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability
    Summary
    D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. . Was ZDI-CAN-18415.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360f1_firmware Affected: 0 , ≤ 6.14b01 (custom)
        cpe:2.3:h:d-link:dap-1360f1_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link dap-2020_firmware Affected: 0 , ≤ 1.03b01 (custom)
        cpe:2.3:h:d-link:dap-2020_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360f1_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360f1_firmware",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-2020_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-2020_firmware",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "1.03b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32137",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-06T15:02:05.102361Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T15:10:19.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.167Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-529",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-529/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.934Z",
          "datePublic": "2023-05-04T22:14:37.774Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root.\n. Was ZDI-CAN-18415."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:07.536Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-529",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-529/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32137",
        "datePublished": "2024-05-03T01:56:24.719Z",
        "dateReserved": "2023-05-03T20:10:47.058Z",
        "dateUpdated": "2024-09-18T18:28:07.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32136 (GCVE-0-2023-32136)

    Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:menu parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18414.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    dlink dap-1360_firmware Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:o:dlink:dap-1360_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:dlink:dap-1360_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360_firmware",
                "vendor": "dlink",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32136",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-05T17:24:50.381888Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T17:25:13.064Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:28.985Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-528",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-528/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.928Z",
          "datePublic": "2023-05-04T22:14:31.219Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:menu parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18414."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:06.807Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-528",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-528/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32136",
        "datePublished": "2024-05-03T01:56:24.020Z",
        "dateReserved": "2023-05-03T20:10:47.058Z",
        "dateUpdated": "2024-09-18T18:28:06.807Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34863 (GCVE-0-2021-34863)

    Vulnerability from nvd – Published: 2021-10-25 17:10 – Updated: 2024-08-04 00:26
    VLAI
    Summary
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:page parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13271.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-2020 Affected: 1.01rc001
    Create a notification for this product.
    Credits
    chung96vn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:26:54.606Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-979/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DAP-2020",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.01rc001"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "chung96vn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:page parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13271."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-25T17:10:50.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-979/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2021-34863",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DAP-2020",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.01rc001"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "D-Link"
                  }
                ]
              }
            },
            "credit": "chung96vn",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:page parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13271."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121: Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201",
                  "refsource": "MISC",
                  "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-979/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-979/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2021-34863",
        "datePublished": "2021-10-25T17:10:50.000Z",
        "dateReserved": "2021-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:26:54.606Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34862 (GCVE-0-2021-34862)

    Vulnerability from nvd – Published: 2021-10-25 17:10 – Updated: 2024-08-04 00:26
    VLAI
    Summary
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:menu parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13270.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-2020 Affected: 1.01rc001
    Create a notification for this product.
    Credits
    chung96vn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:26:54.205Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-978/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DAP-2020",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.01rc001"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "chung96vn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:menu parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13270."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-25T17:10:48.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-978/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2021-34862",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DAP-2020",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.01rc001"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "D-Link"
                  }
                ]
              }
            },
            "credit": "chung96vn",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:menu parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13270."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121: Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201",
                  "refsource": "MISC",
                  "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-978/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-978/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2021-34862",
        "datePublished": "2021-10-25T17:10:49.000Z",
        "dateReserved": "2021-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:26:54.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34861 (GCVE-0-2021-34861)

    Vulnerability from nvd – Published: 2021-10-25 17:10 – Updated: 2024-08-04 00:26
    VLAI
    Summary
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12104.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-2020 Affected: 1.01rc001
    Create a notification for this product.
    Credits
    chung96vn ft phieulang ft ChiTran
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:26:54.669Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-977/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DAP-2020",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.01rc001"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "chung96vn ft phieulang ft ChiTran"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12104."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-25T17:10:47.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-977/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2021-34861",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DAP-2020",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.01rc001"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "D-Link"
                  }
                ]
              }
            },
            "credit": "chung96vn ft phieulang ft ChiTran",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12104."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121: Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201",
                  "refsource": "MISC",
                  "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-977/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-977/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2021-34861",
        "datePublished": "2021-10-25T17:10:47.000Z",
        "dateReserved": "2021-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:26:54.669Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34860 (GCVE-0-2021-34860)

    Vulnerability from nvd – Published: 2021-10-25 17:10 – Updated: 2024-08-04 00:26
    VLAI
    Summary
    This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the getpage parameter provided to the webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-12103.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-2020 Affected: 1.01rc001
    Create a notification for this product.
    Credits
    chung96vn of Vietnam National Cyber Security Center
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:26:54.228Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-976/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DAP-2020",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.01rc001"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "chung96vn of Vietnam National Cyber Security Center"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the getpage parameter provided to the webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-12103."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-25T17:10:45.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-976/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2021-34860",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DAP-2020",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.01rc001"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "D-Link"
                  }
                ]
              }
            },
            "credit": "chung96vn of Vietnam National Cyber Security Center",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the getpage parameter provided to the webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-12103."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201",
                  "refsource": "MISC",
                  "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-976/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-976/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2021-34860",
        "datePublished": "2021-10-25T17:10:45.000Z",
        "dateReserved": "2021-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:26:54.228Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32146 (GCVE-0-2023-32146)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2025-02-05 20:40
    VLAI
    Title
    D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /cgi-bin/webproc endpoint. When parsing the errorpage and nextpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18746.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    dlink dap-1360 Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "dlink",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32146",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T17:29:14.430443Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-121",
                    "description": "CWE-121 Stack-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T20:40:39.745Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:28.933Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-538",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-538/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.989Z",
          "datePublic": "2023-05-04T22:15:48.040Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the /cgi-bin/webproc endpoint. When parsing the errorpage and nextpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18746."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:14.151Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-538",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-538/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Dmitry \"InfoSecDJ\" Janushkevich of Trend Micro Zero Day Initiative"
          },
          "title": "D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32146",
        "datePublished": "2024-05-03T01:56:31.665Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2025-02-05T20:40:39.745Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32145 (GCVE-0-2023-32145)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability
    Summary
    D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the web-based user interface. The firmware contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication on the system. . Was ZDI-CAN-18455.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-259 - Use of Hard-coded Password
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360 Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32145",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-03T17:18:28.056019Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:26:13.942Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.212Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-537",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-537/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.983Z",
          "datePublic": "2023-05-04T22:15:41.674Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of login requests to the web-based user interface. The firmware contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-18455."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-259",
                  "description": "CWE-259: Use of Hard-coded Password",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:13.398Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-537",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-537/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32145",
        "datePublished": "2024-05-03T01:56:30.792Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2024-09-18T18:28:13.398Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32144 (GCVE-0-2023-32144)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18454.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    dlink dap-1360_firmware Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:o:dlink:dap-1360_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:dlink:dap-1360_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360_firmware",
                "vendor": "dlink",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32144",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-05T17:21:00.390076Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T17:22:52.418Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.178Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-536",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-536/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.977Z",
          "datePublic": "2023-05-04T22:15:31.164Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18454."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:12.699Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-536",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-536/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32144",
        "datePublished": "2024-05-03T01:56:30.085Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2024-09-18T18:28:12.699Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32143 (GCVE-0-2023-32143)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2025-02-05 20:43
    VLAI
    Title
    D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18423.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-197 - Numeric Truncation Error
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    dlink dap-1360 Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "dlink",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32143",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T17:24:11.124261Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-197",
                    "description": "CWE-197 Numeric Truncation Error",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T20:43:14.759Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.243Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-535",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-535/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.971Z",
          "datePublic": "2023-05-04T22:15:25.620Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18423."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-197",
                  "description": "CWE-197: Numeric Truncation Error",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:11.976Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-535",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-535/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32143",
        "datePublished": "2024-05-03T01:56:29.312Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2025-02-05T20:43:14.759Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32142 (GCVE-0-2023-32142)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the var:page parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18422.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360f1_firmware Affected: R.47.0.0 AutoCAD 2021
    Affected: R.47.0.0 AutoCAD LT 2021
        cpe:2.3:h:d-link:dap-1360f1_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360f1_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360f1_firmware",
                "vendor": "d-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "R.47.0.0 AutoCAD 2021"
                  },
                  {
                    "status": "affected",
                    "version": "R.47.0.0 AutoCAD LT 2021"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32142",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-11T17:31:28.943059Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-11T17:46:15.813Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.227Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-534",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-534/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.965Z",
          "datePublic": "2023-05-04T22:15:20.106Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the var:page parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18422."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:11.192Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-534",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-534/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32142",
        "datePublished": "2024-05-03T01:56:28.550Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2024-09-18T18:28:11.192Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32141 (GCVE-0-2023-32141)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the getpage and errorpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18419.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360 Affected: 0 , ≤ 6.14b01 (custom)
        cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link dap-2020 Affected: 0 , ≤ 1.03b01 (custom)
        cpe:2.3:h:d-link:dap-2020:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-2020:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-2020",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "1.03b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32141",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-08T17:53:07.699942Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T19:35:45.730Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.144Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-533",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-533/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.958Z",
          "datePublic": "2023-05-04T22:15:11.694Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the getpage and errorpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18419."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:10.492Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-533",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-533/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32141",
        "datePublished": "2024-05-03T01:56:27.792Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2024-09-18T18:28:10.492Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32140 (GCVE-0-2023-32140)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2025-02-05 20:46
    VLAI
    Title
    D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:sys_Token parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18418.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    dlink dap-1360 Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:15
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "dlink",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32140",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T17:15:13.341341Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-121",
                    "description": "CWE-121 Stack-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T20:46:14.766Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.168Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-532",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-532/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.952Z",
          "datePublic": "2023-05-04T22:15:02.754Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:sys_Token parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18418."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:09.741Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-532",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-532/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32140",
        "datePublished": "2024-05-03T01:56:27.034Z",
        "dateReserved": "2023-05-03T20:10:47.059Z",
        "dateUpdated": "2025-02-05T20:46:14.766Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32139 (GCVE-0-2023-32139)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18417.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360 Affected: -
        cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "d-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32139",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-07T19:43:13.679882Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:26:10.088Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.159Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-531",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-531/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.946Z",
          "datePublic": "2023-05-04T22:14:56.532Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18417."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:08.994Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-531",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-531/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32139",
        "datePublished": "2024-05-03T01:56:26.198Z",
        "dateReserved": "2023-05-03T20:10:47.058Z",
        "dateUpdated": "2024-09-18T18:28:08.994Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32138 (GCVE-0-2023-32138)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18416.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360 Affected: -
        cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360",
                "vendor": "d-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "-"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32138",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-16T17:35:00.512734Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:26:06.642Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.270Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-530",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-530/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.940Z",
          "datePublic": "2023-05-04T22:14:43.040Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18416."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:08.264Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-530",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-530/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32138",
        "datePublished": "2024-05-03T01:56:25.440Z",
        "dateReserved": "2023-05-03T20:10:47.058Z",
        "dateUpdated": "2024-09-18T18:28:08.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32137 (GCVE-0-2023-32137)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability
    Summary
    D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. . Was ZDI-CAN-18415.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    d-link dap-1360f1_firmware Affected: 0 , ≤ 6.14b01 (custom)
        cpe:2.3:h:d-link:dap-1360f1_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link dap-2020_firmware Affected: 0 , ≤ 1.03b01 (custom)
        cpe:2.3:h:d-link:dap-2020_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-1360f1_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360f1_firmware",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:dap-2020_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-2020_firmware",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "1.03b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32137",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-06T15:02:05.102361Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T15:10:19.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.167Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-529",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-529/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.934Z",
          "datePublic": "2023-05-04T22:14:37.774Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root.\n. Was ZDI-CAN-18415."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:07.536Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-529",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-529/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32137",
        "datePublished": "2024-05-03T01:56:24.719Z",
        "dateReserved": "2023-05-03T20:10:47.058Z",
        "dateUpdated": "2024-09-18T18:28:07.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-32136 (GCVE-0-2023-32136)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
    VLAI
    Title
    D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:menu parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18414.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-1360 Affected: 6.14B01 EU HOTFIX
    Create a notification for this product.
    dlink dap-1360_firmware Affected: 0 , ≤ v6.14b01 (custom)
        cpe:2.3:o:dlink:dap-1360_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-05-04 22:14
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:dlink:dap-1360_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dap-1360_firmware",
                "vendor": "dlink",
                "versions": [
                  {
                    "lessThanOrEqual": "v6.14b01",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32136",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-05T17:24:50.381888Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T17:25:13.064Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:28.985Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-528",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-528/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "DAP-1360",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.14B01 EU HOTFIX"
                }
              ]
            }
          ],
          "dateAssigned": "2023-05-03T20:16:42.928Z",
          "datePublic": "2023-05-04T22:14:31.219Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:menu parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18414."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-18T18:28:06.807Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-528",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-528/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10324"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-32136",
        "datePublished": "2024-05-03T01:56:24.020Z",
        "dateReserved": "2023-05-03T20:10:47.058Z",
        "dateUpdated": "2024-09-18T18:28:06.807Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34863 (GCVE-0-2021-34863)

    Vulnerability from cvelistv5 – Published: 2021-10-25 17:10 – Updated: 2024-08-04 00:26
    VLAI
    Summary
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:page parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13271.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-2020 Affected: 1.01rc001
    Create a notification for this product.
    Credits
    chung96vn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:26:54.606Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-979/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DAP-2020",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.01rc001"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "chung96vn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:page parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13271."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-25T17:10:50.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-979/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2021-34863",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DAP-2020",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.01rc001"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "D-Link"
                  }
                ]
              }
            },
            "credit": "chung96vn",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:page parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13271."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121: Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201",
                  "refsource": "MISC",
                  "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-979/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-979/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2021-34863",
        "datePublished": "2021-10-25T17:10:50.000Z",
        "dateReserved": "2021-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:26:54.606Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34862 (GCVE-0-2021-34862)

    Vulnerability from cvelistv5 – Published: 2021-10-25 17:10 – Updated: 2024-08-04 00:26
    VLAI
    Summary
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:menu parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13270.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-2020 Affected: 1.01rc001
    Create a notification for this product.
    Credits
    chung96vn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:26:54.205Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-978/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DAP-2020",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.01rc001"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "chung96vn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:menu parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13270."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-25T17:10:48.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-978/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2021-34862",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DAP-2020",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.01rc001"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "D-Link"
                  }
                ]
              }
            },
            "credit": "chung96vn",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:menu parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13270."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121: Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201",
                  "refsource": "MISC",
                  "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-978/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-978/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2021-34862",
        "datePublished": "2021-10-25T17:10:49.000Z",
        "dateReserved": "2021-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:26:54.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34861 (GCVE-0-2021-34861)

    Vulnerability from cvelistv5 – Published: 2021-10-25 17:10 – Updated: 2024-08-04 00:26
    VLAI
    Summary
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12104.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-2020 Affected: 1.01rc001
    Create a notification for this product.
    Credits
    chung96vn ft phieulang ft ChiTran
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:26:54.669Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-977/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DAP-2020",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.01rc001"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "chung96vn ft phieulang ft ChiTran"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12104."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-25T17:10:47.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-977/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2021-34861",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DAP-2020",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.01rc001"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "D-Link"
                  }
                ]
              }
            },
            "credit": "chung96vn ft phieulang ft ChiTran",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12104."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121: Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201",
                  "refsource": "MISC",
                  "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-977/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-977/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2021-34861",
        "datePublished": "2021-10-25T17:10:47.000Z",
        "dateReserved": "2021-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:26:54.669Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34860 (GCVE-0-2021-34860)

    Vulnerability from cvelistv5 – Published: 2021-10-25 17:10 – Updated: 2024-08-04 00:26
    VLAI
    Summary
    This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the getpage parameter provided to the webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-12103.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    D-Link DAP-2020 Affected: 1.01rc001
    Create a notification for this product.
    Credits
    chung96vn of Vietnam National Cyber Security Center
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:26:54.228Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-976/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DAP-2020",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.01rc001"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "chung96vn of Vietnam National Cyber Security Center"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the getpage parameter provided to the webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-12103."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-25T17:10:45.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-976/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2021-34860",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DAP-2020",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.01rc001"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "D-Link"
                  }
                ]
              }
            },
            "credit": "chung96vn of Vietnam National Cyber Security Center",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the getpage parameter provided to the webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-12103."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201",
                  "refsource": "MISC",
                  "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-976/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-976/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2021-34860",
        "datePublished": "2021-10-25T17:10:45.000Z",
        "dateReserved": "2021-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:26:54.228Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }