VAR-200304-0101
Vulnerability from variot - Updated: 2025-04-03 22:31Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to access the web server. The Belkin F5D5230-4 4-Port Cable/DSL Gateway Router is a hardware router for a home or small office. When a request for a service that has been remapped to the internal network is made via the WAN interface, and the origin is the internal network, the router reacts unpredictably. The origin address is rewritten as the IP address of the external interface by the device before being passed to the internal network. Upon receiving a request of this nature, the device will rewrite all future requests for services mapped to the WAN network, reporting their origin as that of the WAN interface. This is known to be an issue for requests for port 80, if port 80 has been remapped to a host within the internal network. This may potentially be exploited to obscure the origin of attacks against a webserver in the internal network
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0101",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "f5d5230-4 4-port cable dsl gateway router",
"scope": "eq",
"trust": 1.6,
"vendor": "belkin",
"version": "1.20.000"
},
{
"model": "f5d5230-4",
"scope": null,
"trust": 0.3,
"vendor": "belkin",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "4982"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-095"
},
{
"db": "NVD",
"id": "CVE-2002-1431"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Reported by M Freitas \u003cfreitasm@mailcity.com\u003e.",
"sources": [
{
"db": "BID",
"id": "4982"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-095"
}
],
"trust": 0.9
},
"cve": "CVE-2002-1431",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-1431",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-5816",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1431",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200304-095",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-5816",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5816"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-095"
},
{
"db": "NVD",
"id": "CVE-2002-1431"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router\u0027s external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to access the web server. The Belkin F5D5230-4 4-Port Cable/DSL Gateway Router is a hardware router for a home or small office. \nWhen a request for a service that has been remapped to the internal network is made via the WAN interface, and the origin is the internal network, the router reacts unpredictably. The origin address is rewritten as the IP address of the external interface by the device before being passed to the internal network. Upon receiving a request of this nature, the device will rewrite all future requests for services mapped to the WAN network, reporting their origin as that of the WAN interface. \nThis is known to be an issue for requests for port 80, if port 80 has been remapped to a host within the internal network. This may potentially be exploited to obscure the origin of attacks against a webserver in the internal network",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1431"
},
{
"db": "BID",
"id": "4982"
},
{
"db": "VULHUB",
"id": "VHN-5816"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1431",
"trust": 2.0
},
{
"db": "BID",
"id": "4982",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200304-095",
"trust": 0.7
},
{
"db": "XF",
"id": "9324",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020609 PROBLEM WITH IP REPORTING - BELKIN CABLE/DSL ROUTER",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-5816",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5816"
},
{
"db": "BID",
"id": "4982"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-095"
},
{
"db": "NVD",
"id": "CVE-2002-1431"
}
]
},
"id": "VAR-200304-0101",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5816"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:31:42.003000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1431"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4982"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/276256"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9324.php"
},
{
"trust": 0.3,
"url": "http://catalog.belkin.com/iwcatproductpage.process?merchant_id=\u0026section_id=2094\u0026pcount=\u0026product_id=113464\u0026section.section_path=%2froot%2fnetworki%2e%2e%2endcables%2fcabledsl%2e%2e%2eyrouters%2f"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5816"
},
{
"db": "BID",
"id": "4982"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-095"
},
{
"db": "NVD",
"id": "CVE-2002-1431"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5816"
},
{
"db": "BID",
"id": "4982"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-095"
},
{
"db": "NVD",
"id": "CVE-2002-1431"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-5816"
},
{
"date": "2002-06-10T00:00:00",
"db": "BID",
"id": "4982"
},
{
"date": "2003-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-095"
},
{
"date": "2003-04-11T04:00:00",
"db": "NVD",
"id": "CVE-2002-1431"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-5816"
},
{
"date": "2009-07-11T13:56:00",
"db": "BID",
"id": "4982"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-095"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1431"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-095"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Belkin F5D5230-4 Inside the router Web Traffic Origin Obfuscation Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-095"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "4982"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-095"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…