04 Fév 2020

Vulnérabilité CVE-2013-7051 CVE Vulnerability

Publié par . Publié dans Vulnerabilities with exploits

D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters (CVSS:6.8) (Last Update:2020-02-04)

Vulnerability Details : (1 public exploit)

D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters
Publish Date : 2020-02-04 Last Update Date : 2020-02-04

- CVSS Scores & Vulnerability Types

CVSS Score	6.8
Confidentiality Impact	Partial(There is considerable informational disclosure.)
Integrity Impact	Partial(Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact	Partial(There is reduced performance or interruptions in resource availability.)
Access Complexity	Medium(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication	Not required(Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)	Bypass a restriction or similar
CWE ID	287

- Products Affected By CVE-2013-7051

#	Product Type	Vendor	Product	Version	Update	Edition	Language
No vulnerable product found. If the vulnerability is created recently it may take a few days to gather vulnerable products list and other information like cvss scores. Please check again in a few days.

- References For CVE-2013-7051

Exploit!http://www.exploit-db.com/exploits/31425
D-Link DIR-100 - Multiple Vulnerabilities Author:Felix Richter Release Date:2014-02-05 (hardware) webappsPort:80

https://exchange.xforce.ibmcloud.com/vulnerabilities/90904

https://www.securityfocus.com/bid/65290

http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt