exploitDog

CVE-2018-9284

Опубликовано: 04 апр. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

authentication.cgi on D-Link DIR-868L devices with Singapore StarHub firmware before v1.21SHCb03 allows remote attackers to execute arbitrary code.

Ссылки

http://www.dlink.com.sg/dir-868l/#firmware
Patch
Vendor Advisory
https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in--d-link-router-dir868.html
Patch
Third Party Advisory
http://www.dlink.com.sg/dir-868l/#firmware
Patch
Vendor Advisory
https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in--d-link-router-dir868.html
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:dlink:singapore_starhub_firmware:*:*:*:*:*:*:*:*

Версия до 1.21shcb03 (исключая)

cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04018

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-gr28-m88c-26mj

CVSS3: 9.8

github

больше 3 лет назад

authentication.cgi on D-Link DIR-868L devices with Singapore StarHub firmware before v1.21SHCb03 allows remote attackers to execute arbitrary code.

EPSS

Процентиль: 88%

0.04018

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-119