CVE-2013-4855

Опубликовано: 25 окт. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 7.9

EPSS Низкий

Описание

D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share.

Ссылки

https://www.ise.io/casestudies/exploiting-soho-routers/
Third Party Advisory
https://www.ise.io/soho_service_hacks/
Third Party Advisory
https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf
Third Party Advisory
https://www.ise.io/casestudies/exploiting-soho-routers/
Third Party Advisory
https://www.ise.io/soho_service_hacks/
Third Party Advisory
https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:dlink:dir-865l_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00299

Низкий

8.8 High

CVSS3

7.9 High

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-27mm-4p4v-5qpj