Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-5945
HistoryFeb 11, 2020 - 12:15 p.m.

CVE-2013-5945

2020-02-1112:15:11
CWE-89
[email protected]
web.nvd.nist.gov
32
cve
2013
5945
sql injection
d-link
dsr-150
firmware
remote attackers
execute
arbitrary commands
nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.6%

JSON

Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allow remote attackers to execute arbitrary SQL commands via the password to (1) the login.authenticate function in share/lua/5.1/teamf1lualib/login.lua or (2) captivePortal.lua.

Affected configurations

NVD
Node
dlinkdsr-150_firmwareRange<1.08b44
AND
dlinkdsr-150Match-
Node
dlinkdsr-150n_firmwareRange<1.05b64
AND
dlinkdsr-150nMatch-
Node
dlinkdsr-250_firmwareRange<1.08b44
AND
dlinkdsr-250Match-
Node
dlinkdsr-250n_firmwareRange<1.08b44
AND
dlinkdsr-250nMatch-
Node
dlinkdsr-500_firmwareRange<1.08b77
AND
dlinkdsr-500Match-
Node
dlinkdsr-500n_firmwareRange<1.08b77
AND
dlinkdsr-500nMatch-
Node
dlinkdsr-1000_firmwareRange<1.08b77
AND
dlinkdsr-1000Match-
Node
dlinkdsr-1000n_firmwareRange<1.08b77
AND
dlinkdsr-1000nMatch-

Related

prion 1
nvd 1
cvelist 1
seebug 2
zdt 1
exploitpack 1
packetstorm 1
exploitdb 1
openvas 1
prion
prion
Sql injection
2020-02-11 12:15:00
nvd
nvd
CVE-2013-5945
2020-02-11 12:15:11
cvelist
cvelist
CVE-2013-5945
2020-02-11 01:54:15
seebug
seebug
D-Link倚δΈͺ产品SQL注ε…₯漏洞
2013-12-17 00:00:00
D-Link DSR Router Series - Remote Root Shell Exploit
2014-07-01 00:00:00
zdt
zdt
D-Link DSR Router Series - Remote Root Shell Exploit
2013-12-07 00:00:00
exploitpack
exploitpack
D-Link DSR Router Series - Remote Command Execution
2013-12-06 00:00:00
packetstorm
packetstorm
D-Link DSR Router Remote Root Shell
2013-12-07 00:00:00
exploitdb
exploitdb
D-Link DSR Router Series - Remote Command Execution
2013-12-06 00:00:00
openvas
openvas
D-Link DSR Router Series SQL Injection Vulnerability
2013-12-23 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.6%

JSON
Related for CVE-2013-5945
prion1nvd1cvelist1seebug2zdt1exploitpack1packetstorm1exploitdb1openvas1