nvd-json-data-feeds/CVE-2017/CVE-2017-84xx/CVE-2017-8417.json

{
  "id": "CVE-2017-8417",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2019-07-02T21:15:10.633",
  "lastModified": "2021-04-26T16:23:38.513",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device requires that a user logging into the device provide a username and password. However, the device allows D-Link apps on the mobile devices and desktop to communicate with the device without any authentication. As a part of that communication, the device uses custom version of base64 encoding to pass data back and forth between the apps and the device. However, the same form of communication can be initiated by any process including an attacker process on the mobile phone or the desktop and this allows a third party to retrieve the device's password without any authentication by sending just 1 UDP packet with custom base64 encoding. The severity of this attack is enlarged by the fact that there more than 100,000 D-Link devices out there."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema en los dispositivos DCS-1100 y DCS-1130 de D-Link. El dispositivo requiere que un usuario que inicie sesi\u00f3n en el dispositivo suministre un nombre de usuario y contrase\u00f1a. Sin embargo, el dispositivo permite que las aplicaciones D-Link en los dispositivos m\u00f3viles y de escritorio se comuniquen con el dispositivo sin ninguna autenticaci\u00f3n. Como parte de esa comunicaci\u00f3n, el dispositivo utiliza una versi\u00f3n personalizada de la codificaci\u00f3n base64 para pasar datos en ambos sentidos entre las aplicaciones y el dispositivo. Sin embargo, la misma forma de comunicaci\u00f3n puede iniciarse mediante cualquier proceso, incluido un proceso de atacante en el tel\u00e9fono m\u00f3vil o el escritorio, lo que permite a un tercero recuperar la contrase\u00f1a del dispositivo sin ninguna autenticaci\u00f3n mediante el env\u00edo de solo 1 paquete UDP con codificaci\u00f3n base64 personalizada. La severidad de este ataque se incrementa por el hecho de que hay m\u00e1s de 100.000 dispositivos D-Link instalados."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "ADJACENT_NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
          "accessVector": "ADJACENT_NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.3
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 6.5,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:dlink:dcs-1100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "554817F7-7E3D-4D69-90AC-46D86056143B"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:dlink:dcs-1100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "704F9608-72CE-49C0-B7D2-F2FE84DF0C74"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:dlink:dcs-1130_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DB53465-4FE2-43EF-B2C6-839DFEA80D62"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:dlink:dcs-1130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A388EC-275D-4180-83E2-AD73F7EEB54F"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://packetstormsecurity.com/files/153226/Dlink-DCS-1130-Command-Injection-CSRF-Stack-Overflow.html",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Dlink_DCS_1130_security.pdf",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://seclists.org/bugtraq/2019/Jun/8",
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ]
    }
  ]
}