Lucene search

[email protected]CVE-2013-2271

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-2271

2022-10-0316:15:02

CWE-264

[email protected]

web.nvd.nist.gov

cve-2013-2271

d-link

dsl-2740b

firmware

eu_1.0

authentication bypass

remote access

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.9%

JSON

The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to login.cgi.

Affected configurations

NVD

Node

dlinkdsl-2740b_firmwareMatch-

AND

dlinkdsl-2740bMatch-

CPENameOperatorVersion
dlink:dsl-2740b_firmwaredlink dsl-2740b firmwareeq-
dlink:dsl-2740bdlink dsl-2740beq-

CPE	Name	Operator	Version
dlink:dsl-2740b_firmware	dlink dsl-2740b firmware	eq	-
dlink:dsl-2740b	dlink dsl-2740b	eq	-

References

packetstormsecurity.com/files/120613/dlinkdsl2740b-bypass.txt

securityadvisories.dlink.com/security/publication.aspx?name=SAP10004

www.webapp-security.com/2013/03/d-link-dsl-2740b-adsl-router-authentication-bypass

www.webapp-security.com/wp-content/uploads/2013/03/D-Link-DSL-2740B-ADSL-Router-Authentication-Bypass2.txt

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.9%

JSON

Related for CVE-2013-2271

zdt1 seebug1 nvd1 exploitpack1 packetstorm1 cvelist1 prion1 exploitdb1