Lucene search

ZdiCVELIST:CVE-2020-27863

HistoryFeb 11, 2021 - 11:35 p.m.

CVE-2020-27863

2021-02-1123:35:37

CWE-288

zdi

www.cve.org

vulnerability

d-link

routers

disclosure

sensitive information

authentication

exploit

dhttpd

tcp

port 8008

string matching logic

stored credentials

compromise

zdi-can-10912

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

60.9%

JSON

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-10912.

CNA Affected

[
  {
    "product": "Multiple Routers",
    "vendor": "D-Link",
    "versions": [
      {
        "status": "affected",
        "version": "firmeware version 2.3"
      }
    ]
  }
]

References

supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10196

www.zerodayinitiative.com/advisories/ZDI-20-1427/

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

60.9%

JSON

Related for CVELIST:CVE-2020-27863