54 lines
1.6 KiB
YAML
54 lines
1.6 KiB
YAML
id: CVE-2021-42627
|
|
|
|
info:
|
|
name: D-Link DIR-615 - Unauthorized Access
|
|
author: For3stCo1d
|
|
severity: critical
|
|
description: |
|
|
D-Link DIR-615 devices with firmware 20.06 are susceptible to unauthorized access. An attacker can access the WAN configuration page wan.htm without authentication, which can lead to disclosure of WAN settings, data modification, and/or other unauthorized operations.
|
|
remediation: |
|
|
Apply the latest firmware update provided by D-Link to fix the vulnerability and ensure strong and unique passwords are set for router administration.
|
|
reference:
|
|
- https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627
|
|
- https://www.dlink.com/en/security-bulletin/
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2021-42627
|
|
- http://d-link.com
|
|
- http://dlink.com
|
|
classification:
|
|
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
|
cvss-score: 9.8
|
|
cve-id: CVE-2021-42627
|
|
epss-score: 0.05762
|
|
epss-percentile: 0.92386
|
|
cpe: cpe:2.3:o:dlink:dir-615_firmware:20.06:*:*:*:*:*:*:*
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
vendor: dlink
|
|
product: dir-615_firmware
|
|
shodan-query: http.title:"Roteador Wireless"
|
|
tags: cve,cve2021,d-link,router,unauth,dir-615,roteador
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/wan.htm"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "src='menu.js?v=\"+Math.random()+\"'></scr\"+\"ipt>\");"
|
|
- "var ipv6conntype"
|
|
condition: and
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- Virtual Web
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|