Lucene search

K
cve[email protected]CVE-2015-1187
HistorySep 21, 2017 - 4:29 p.m.

CVE-2015-1187

2017-09-2116:29:00
CWE-287
web.nvd.nist.gov
838
In Wild
4
cve-2015-1187
ping tool
remote attackers
arbitrary code execution
d-link
trendnet
nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.938 High

EPSS

Percentile

99.1%

The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.

Affected configurations

NVD
Node
dlinkdir-626l_firmwareMatch1.04b04
AND
dlinkdir-626lMatch-
Node
dlinkdir-636l_firmwareMatch1.04
AND
dlinkdir-636lMatch-
Node
dlinkdir-808l_firmwareMatch1.03b05
AND
dlinkdir-808lMatch-
Node
dlinkdir-810l_firmwareMatch1.01b04
AND
dlinkdir-810lMatch-
Node
dlinkdir-810l_firmwareMatch2.02b01
AND
dlinkdir-810lMatch-
Node
dlinkdir-820l_firmwareMatch1.02b10
AND
dlinkdir-820lMatch-
Node
dlinkdir-820l_firmwareMatch1.05b03
AND
dlinkdir-820lMatch-
Node
dlinkdir-820l_firmwareMatch2.01b02
AND
dlinkdir-820lMatch-
Node
dlinkdir-826l_firmwareMatch1.00b23
AND
dlinkdir-826lMatch-
Node
dlinkdir-830l_firmwareMatch1.00b07
AND
dlinkdir-830lMatch-
Node
dlinkdir-836l_firmwareMatch1.01b03
AND
dlinkdir-836lMatch-
Node
trendnettew-731br_firmwareMatch2.01b01
AND
trendnettew-731brMatch-
Node
dlinkdir-651_firmwareMatch1.10nab02
AND
dlinkdir-651Match-
Node
trendnettew-651br_firmwareMatch-
AND
trendnettew-651brMatch-
Node
trendnettew-652br_firmwareMatch-
AND
trendnettew-652brMatch-
Node
trendnettew-711br_firmwareMatch1.00b31
AND
trendnettew-711brMatch-
Node
trendnettew-810dr_firmwareMatch1.00b19
AND
trendnettew-810drMatch-
Node
trendnettew-813dru_firmwareMatch1.00b23
AND
trendnettew-813druMatch-

Social References

More

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.938 High

EPSS

Percentile

99.1%