D-Link DCS-93xL model family allows unrestricted upload

CERT Vulnerability Note VU#377348
Published: Mar 16, 2015
Source: www.kb.cert.org

CVSS v2 base score: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C (access vector: network; access complexity: low; authentication: single; confidentiality, integrity and availability impact: complete)
EPSS score: 0.567 (Medium), 97.7th percentile

Overview

The D-Link DCS-93xL family of devices (specifically the DCS-930L, DCS-931L, DCS-932L, and DCS-933L models) allows an authenticated attacker to upload arbitrary files from the attacker's system.

Description

CWE-434: Unrestricted Upload of File with Dangerous Type

The D-Link DCS-93xL family of devices allows an authenticated attacker to upload arbitrary files from the attacker's system and to specify the location on the device's file system where the uploaded file is written. This could lead to data being created, modified, or deleted, and may lead to arbitrary code execution.

D-Link firmware version 1.04 (2014-04-21) has been confirmed vulnerable. Other firmware versions may also be affected.

This firmware is used on the DCS-930L, DCS-931L, DCS-932L, and DCS-933L models.
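The weakness class above (CWE-434 combined with a client-controlled destination path) is easiest to see as two handlers side by side. The following is an added illustration written for this page, not code from the D-Link firmware or from Tangible Security's report; the handler signature, the upload directory and the image-extension allowlist are assumptions, and the advisory does not describe the device's actual upload interface. The unsafe variant trusts the client-supplied path, so a `../` prefix (or an absolute path) escapes the upload directory; the hardened variant keeps only the base name, allowlists the extension, resolves the final path and checks it is still inside the upload root, and refuses to overwrite existing files.

```python
"""Illustrative CWE-434 upload handlers (not the device's real code).

Assumptions for this example: the handler is given a client-supplied file name
and the raw bytes; uploads are supposed to land in one directory; only image
files are legitimate uploads.
"""
import os
import pathlib
import tempfile

# Assumed allowlist for a camera's upload feature.
ALLOWED_SUFFIXES = {".jpg", ".png"}


class UploadRejected(ValueError):
    """Raised by the hardened handler when an upload fails validation."""


def save_upload_unsafe(root: str, client_path: str, data: bytes) -> str:
    """Vulnerable pattern: the client chooses where the file is written.

    os.path.join keeps any '../' components and discards `root` entirely when
    `client_path` is absolute, so the client can write anywhere the process can.
    """
    dest = os.path.join(root, client_path)
    os.makedirs(os.path.dirname(dest), exist_ok=True)
    with open(dest, "wb") as fh:
        fh.write(data)
    return dest


def save_upload_safe(root: str, client_name: str, data: bytes) -> str:
    """Hardened pattern: the server chooses the directory, validates the name."""
    root_path = pathlib.Path(root).resolve()
    # Keep only the final path component; '../x', '/etc/x' and 'dir/x' all reduce to 'x'.
    name = pathlib.PurePosixPath(client_name.replace("\\", "/")).name
    if not name or name in (".", "..") or name.startswith(".") or "\x00" in name:
        raise UploadRejected("bad filename")
    # Suffix is the *last* extension, so 'shell.jpg.cgi' is judged on '.cgi'.
    if pathlib.PurePosixPath(name).suffix.lower() not in ALLOWED_SUFFIXES:
        raise UploadRejected("extension not allowed")
    # Resolve symlinks and confirm the final location is directly under the root.
    dest = (root_path / name).resolve()
    if dest.parent != root_path:
        raise UploadRejected("path escapes upload root")
    root_path.mkdir(parents=True, exist_ok=True)
    try:
        # O_EXCL: create only; never clobber an existing file (e.g. a config or CGI script).
        fd = os.open(dest, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    except FileExistsError as exc:
        raise UploadRejected("file already exists") from exc
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return str(dest)


def upload_is_rejected(root: str, client_name: str, data: bytes = b"x") -> bool:
    """True if the hardened handler refuses the upload."""
    try:
        save_upload_safe(root, client_name, data)
    except UploadRejected:
        return True
    return False


def _inside(path: str, root: str) -> bool:
    """True if `path` lies beneath `root` after symlink resolution."""
    return os.path.realpath(path).startswith(os.path.realpath(root) + os.sep)


def demo() -> dict:
    """Run both handlers in a scratch directory and report what happened."""
    tmp = tempfile.mkdtemp()
    root = os.path.join(tmp, "www", "upload")
    os.makedirs(root)
    unsafe_dest = save_upload_unsafe(root, "../../escaped.txt", b"x")
    safe_dest = save_upload_safe(root, "../../shell.jpg", b"x")
    return {
        "unsafe_escaped_root": not _inside(unsafe_dest, root),
        "unsafe_file_written": os.path.exists(os.path.join(tmp, "escaped.txt")),
        "safe_inside_root": _inside(safe_dest, root),
        "rejects_double_extension": upload_is_rejected(root, "shell.jpg.cgi"),
        "rejects_absolute": upload_is_rejected(root, "/etc/passwd"),
        "rejects_nul": upload_is_rejected(root, "a\x00.jpg"),
        "rejects_overwrite": upload_is_rejected(root, "shell.jpg"),
    }


if __name__ == "__main__":
    print(demo())
```

The traversal string in `demo()` is constructed for the example. Note that the extension allowlist is only a partial defence: a server that interprets uploads by content (or serves the upload directory through a CGI handler) still needs the directory itself to be non-executable, and the advisory's CWE-434 classification is about exactly that gap between "a file was written" and "a file was written somewhere the device will act on".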


Impact

A remote authenticated attacker can upload arbitrary files to the device’s file system. This could lead to data being created, modified, or deleted. It may also lead to arbitrary code execution.


Solution

Update the firmware

According to D-Link's security advisory, users should update the firmware of affected devices to the latest version. Because only version 1.04 was tested, confirm the running firmware version against D-Link's advisory rather than assuming a device is patched; and since the attack requires valid credentials, replacing default credentials and limiting network exposure of the management interface reduces risk until the update is applied.


Vendor Information

D-Link Systems, Inc. Affected

Updated: March 13, 2015

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

CVSS Metrics

Group          Score  Vector
Base           9.0    AV:N/AC:L/Au:S/C:C/I:C/A:C
Temporal       8.1    E:POC/RL:U/RC:C
Environmental  6.1    CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

Temporal vector: E:POC (proof-of-concept exploit), RL:U (remediation level unavailable at time of scoring), RC:C (confirmed report). Environmental vector: TD:M (medium target distribution); the remaining metrics are not defined.

Acknowledgements

Thanks to Mike Baucom, Allen Harper, and J. Rach of Tangible Security for discovering and reporting this vulnerability. Tangible Security would also like to publicly thank D-Link for their cooperation and desire to make their products and customers more secure.

This document was written by Garret Wassermann.

Other Information

CVE IDs: CVE-2015-2049
Date Public: 2015-03-13
Date First Published: