Executive Summary

Informations
NameCVE-2017-17065First vendor Publication2017-11-30
VendorCveLast vendor Modification2017-12-20

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score7.8Attack RangeNetwork
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for HNAP. An attacker can cause a denial of service (device crash) or possibly have unspecified other impact by sending a sufficiently long string in the password field of the HTTP Basic Authentication section of the HTTP request.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17065

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware1

Sources (Detail)

SourceUrl
CONFIRM ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-605L/REVB/DIR-605L_REVB_FIRMWAR...

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2017-12-21 00:22:52
  • Multiple Updates
2017-11-30 21:22:33
  • First insertion