Lucene search
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.DLINK_CVE-2020-29557.NASLHistoryNov 12, 2021 - 12:00 a.m.
D-Link DIR-825 R1 Device < 3.0.2 RCE (CVE-2020-29557)
2021-11-1200:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
77
A remote code execution vulnerability exists in D-Link DIR-825 R1 devices. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(155305);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/25");
script_cve_id("CVE-2020-29557");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/05/03");
script_name(english:"D-Link DIR-825 R1 Device < 3.0.2 RCE (CVE-2020-29557)");
script_set_attribute(attribute:"synopsis", value:
"The remote router is affected by a remote code execution vulnerability.");
script_set_attribute(attribute:"description", value:
"A remote code execution vulnerability exists in D-Link DIR-825 R1 devices. An unauthenticated, remote attacker can
exploit this to bypass authentication and execute arbitrary commands.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.dlink.ru/ru/download2/5/19/2354/441/");
script_set_attribute(attribute:"solution", value:
"Upgrade to D-Link DIR-825 3.0.2 later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-29557");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/09/13");
script_set_attribute(attribute:"patch_publication_date", value:"2020/12/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/11/12");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:d-link:dir-825");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("dlink_dir_www_detect.nbin");
script_require_keys("installed_sw/DLink DIR");
script_require_ports("Services/www", 80, 8080, 8181, 443, 8443);
exit(0);
}
include('vcf.inc');
include('http.inc');
var port = get_http_port(default:80, embedded:TRUE);
var app_info = vcf::get_app_info(app:'DLink DIR', port:port, webapp:TRUE);
if (empty_or_null(app_info['model']) ||
'DIR-825' >!< app_info['model'])
audit(AUDIT_DEVICE_NOT_VULN, 'DLink DIR model');
var constraints = [
{ 'fixed_version' : '3.0.2' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
Related
cisa_kev
cisa_kev
D-Link DIR-825 R1 Devices Buffer Overflow Vulnerability
2021-11-03 00:00:00
prion
prion
Buffer overflow
2021-01-29 20:15:00
checkpoint_advisories
checkpoint_advisories
D-Link Dir-825 Buffer Overflow (CVE-2020-29557)
2021-03-24 00:00:00
cve
cve
CVE-2020-29557
2021-01-29 20:15:00
attackerkb
attackerkb
CVE-2020-29557
2021-01-29 00:00:00
threatpost
threatpost
Auth Bypass Bug Exploited, Millions of Routers Affected
2021-08-09 19:41:30
thn
thn
Related for DLINK_CVE-2020-29557.NASL