CVE-2008-4133

Опубликовано: 19 сент. 2008

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0133.html
http://secunia.com/advisories/31767
Vendor Advisory
http://securityreason.com/securityalert/4276
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3808
http://www.securityfocus.com/archive/1/496072/100/0/threaded
http://www.securityfocus.com/bid/31050
http://www.securitytracker.com/id?1020825
https://exchange.xforce.ibmcloud.com/vulnerabilities/44961
http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0133.html
http://secunia.com/advisories/31767
Vendor Advisory
http://securityreason.com/securityalert/4276
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3808
http://www.securityfocus.com/archive/1/496072/100/0/threaded
http://www.securityfocus.com/bid/31050
http://www.securitytracker.com/id?1020825
https://exchange.xforce.ibmcloud.com/vulnerabilities/44961

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:d-link:dir-100:1.02:*:*:*:*:*:*:*

cpe:2.3:h:d-link:dir-100:1.12:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.08883

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-v8vp-mfx5-jp4x

github

почти 4 года назад