Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for dir865l_firmware by dlink

    CVE-2013-3096 (GCVE-0-2013-3096)

    Vulnerability from nvd – Published: 2020-02-07 18:36 – Updated: 2024-08-06 16:00
    VLAI
    Summary
    D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:00:09.659Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-07T18:36:46.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-3096",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
                  "refsource": "MISC",
                  "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
                },
                {
                  "name": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php",
                  "refsource": "MISC",
                  "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
                },
                {
                  "name": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/",
                  "refsource": "MISC",
                  "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-3096",
        "datePublished": "2020-02-07T18:36:46.000Z",
        "dateReserved": "2013-04-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:00:09.659Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3095 (GCVE-0-2013-3095)

    Vulnerability from nvd – Published: 2013-11-19 15:00 – Updated: 2024-09-17 02:47
    VLAI
    Summary
    Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware before 1.05b07 allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:00:09.625Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10003"
              },
              {
                "name": "53064",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/53064"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityevaluators.com/content/case-studies/routers/dlink_dir865l.jsp"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware before 1.05b07 allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-11-19T15:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10003"
            },
            {
              "name": "53064",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/53064"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityevaluators.com/content/case-studies/routers/dlink_dir865l.jsp"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-3095",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware before 1.05b07 allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10003",
                  "refsource": "CONFIRM",
                  "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10003"
                },
                {
                  "name": "53064",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/53064"
                },
                {
                  "name": "http://securityevaluators.com/content/case-studies/routers/dlink_dir865l.jsp",
                  "refsource": "MISC",
                  "url": "http://securityevaluators.com/content/case-studies/routers/dlink_dir865l.jsp"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-3095",
        "datePublished": "2013-11-19T15:00:00.000Z",
        "dateReserved": "2013-04-17T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:47:57.440Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3096 (GCVE-0-2013-3096)

    Vulnerability from cvelistv5 – Published: 2020-02-07 18:36 – Updated: 2024-08-06 16:00
    VLAI
    Summary
    D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:00:09.659Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-07T18:36:46.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-3096",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
                  "refsource": "MISC",
                  "url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
                },
                {
                  "name": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php",
                  "refsource": "MISC",
                  "url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
                },
                {
                  "name": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/",
                  "refsource": "MISC",
                  "url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-3096",
        "datePublished": "2020-02-07T18:36:46.000Z",
        "dateReserved": "2013-04-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:00:09.659Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3095 (GCVE-0-2013-3095)

    Vulnerability from cvelistv5 – Published: 2013-11-19 15:00 – Updated: 2024-09-17 02:47
    VLAI
    Summary
    Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware before 1.05b07 allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:00:09.625Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10003"
              },
              {
                "name": "53064",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/53064"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityevaluators.com/content/case-studies/routers/dlink_dir865l.jsp"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware before 1.05b07 allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-11-19T15:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10003"
            },
            {
              "name": "53064",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/53064"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityevaluators.com/content/case-studies/routers/dlink_dir865l.jsp"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-3095",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware before 1.05b07 allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10003",
                  "refsource": "CONFIRM",
                  "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10003"
                },
                {
                  "name": "53064",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/53064"
                },
                {
                  "name": "http://securityevaluators.com/content/case-studies/routers/dlink_dir865l.jsp",
                  "refsource": "MISC",
                  "url": "http://securityevaluators.com/content/case-studies/routers/dlink_dir865l.jsp"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-3095",
        "datePublished": "2013-11-19T15:00:00.000Z",
        "dateReserved": "2013-04-17T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:47:57.440Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }