{"id": "CVE-2016-1558", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-04-21T15:59:00.457", "references": [{"url": "http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cret@cert.org"}, {"url": "http://seclists.org/fulldisclosure/2016/Feb/112", "tags": ["Mailing List", "Third Party Advisory"], "source": "cret@cert.org"}, {"url": "http://www.dlink.com/mk/mk/support/support-news/2016/march/16/firmadyne-cve_2016_1558-cve_2016_1559", "tags": ["Patch", "Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2016/Feb/112", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.dlink.com/mk/mk/support/support-news/2016/march/16/firmadyne-cve_2016_1558-cve_2016_1559", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and earlier allows remote attackers to have unspecified impact via a crafted 'dlink_uid' cookie."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en D-Link DAP-2310 2.06 y versiones anteriores, DAP-2330 1.06 y versiones anteriores, DAP-2360 2.06 y versiones anteriores, DAP-2553 H/W ver. B1 3.05 y versiones anteriores, DAP-2660 1.11 y versiones anteriores, DAP-2690 3.15 y versiones anteriores, DAP-2695 1.16 y versiones anteriores, DAP-3320 1.00 y versiones anteriores y DAP-3662 1.01 a y versiones anteriores permite a atacantes remtostener un impacto no especificado a trav\u00e9s cookie 'dlink_uid' manipulado."}], "lastModified": "2024-11-21T02:46:38.180", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-3662_firmware:1.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE1CBBA1-46D0-4B78-B6E2-9AB2C7B0E00A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-3662:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "07645866-3B61-46AB-85C6-ED86F1B0D47F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-2310_firmware:2.06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B87254E-96DA-4092-8ECF-3B97B354C54E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-2310:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8C5F3D97-3CFE-41B9-9C8B-832445EA92B0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-2330_firmware:1.06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1BD62E9-2D8C-4379-9137-3D90AB69C027"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-2330:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9ABC8839-D62A-4AAB-A9D2-AFE95CBB9B17"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-2360_firmware:2.06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8222BDD-1D84-49A3-98C4-764EEF138676"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-2360:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E7AE9A88-AD97-41A5-9847-4282788EBB1E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-2553_firmware:3.05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "354F4B67-4745-4583-9C90-302BA16896DD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-2553:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "20BA9382-B0D4-4E7C-A198-067AA65AB190"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-2660_firmware:1.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E106E4B0-B7D6-4E28-AB44-F2FC4E677361"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-2660:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "41EFE653-296E-4E37-9DCC-BAF99C4AD2F3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-2690_firmware:3.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC533A11-6025-4FB0-A233-D0FB6E181414"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-2690:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B827A81-49A8-4AFD-943A-3F359615E49D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-2695_firmware:1.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B7C21D9-2E07-401D-A1A4-8494545170A7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-2695:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9039DA66-D624-4590-B236-101B775C5956"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-3320_firmware:1.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D85279DC-CC5A-4C6E-B1D4-C4C38DECF2A7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-3320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95D03B33-E8D6-4ED3-AED3-8FBDE80C74CB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-2230_firmware:1.02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E01B7D5-2AEF-498F-BBE6-C194B83D37B9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-2230:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7D4D13C-EB42-4FC0-BF16-AB8BDEA2E5A2"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cret@cert.org"}
