Executive Summary

Summary
Title D-Link DAP-1320 Rev Ax is vulnerable to a command injection
Informations
Name VU#184100 First vendor Publication 2015-03-16
Vendor VU-CERT Last vendor Modification 2015-03-16
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#184100

D-Link DAP-1320 Rev Ax is vulnerable to a command injection

Original Release date: 16 Mar 2015 | Last revised: 16 Mar 2015

Overview

The D-Link DAP-1320 Rev Ax firmware update mechanism contains a command injection vulnerability.

Description

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

A remote unauthenticated attacker may execute commands on the device by taking advantage of the firmware update mechanism. This attack does require interception and manipulation of network communications using commonly available tools.

The D-Link DAP-1320 Rev Ax firmware version 1.11 (released 22 Dec 2013) has been shown to be vulnerable. Other firmware versions prior to version 1.21b05 may also be vulnerable.

Impact

A remote unauthenticated attacker may execute commands on the device by taking advantage of the firmware update mechanism.

Solution

Update the firmware

According to D-Link's security advisory, users should update the firmware of affected devices to version 1.21b05.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
D-Link Systems, Inc.Affected-13 Mar 2015
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

GroupScoreVector
Base10.0AV:N/AC:L/Au:N/C:C/I:C/A:C
Temporal7.8E:POC/RL:OF/RC:C
Environmental5.9CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

  • http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2050
  • http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050

Credit

Thanks to Mike Baucom, Allen Harper, and J. Rach of Tangible Security for discovering and reporting this vulnerability. Tangible Security would also like to publically thank D-Link for their cooperation and desire to make their products and customers more secure.

This document was written by Garret Wassermann.

Other Information

  • CVE IDs:CVE-2015-2050
  • Date Public:13 Mar 2015
  • Date First Published:16 Mar 2015
  • Date Last Updated:16 Mar 2015
  • Document Revision:17

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/184100

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2015-03-16 21:25:08
  • First insertion