CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
77.7%
D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-326 1.40b03, DNS-320B 1.02b01, DNS-345 1.03b06, DNS-325 1.05b03, and DNS-322L 2.00b07 allow remote attackers to bypass authentication and log in with administrator permissions by passing the cgi_set_wto command in the cmd parameter, and setting the spawned session’s cookie to username=admin.
Vendor | Product | Version | CPE |
---|---|---|---|
dlink | dns-322l | - | cpe:2.3:h:dlink:dns-322l:-:*:*:*:*:*:*:* |
d-link | dns-322l_firmware | * | cpe:2.3:o:d-link:dns-322l_firmware:*:*:*:*:*:*:*:* |
dlink | dns-325 | - | cpe:2.3:h:dlink:dns-325:-:*:*:*:*:*:*:* |
d-link | dns-325_firmware | * | cpe:2.3:o:d-link:dns-325_firmware:*:*:*:*:*:*:*:* |
dlink | dns-345 | - | cpe:2.3:h:dlink:dns-345:-:*:*:*:*:*:*:* |
d-link | dns-345_firmware | * | cpe:2.3:o:d-link:dns-345_firmware:*:*:*:*:*:*:*:* |
dlink | dns-320b | - | cpe:2.3:h:dlink:dns-320b:-:*:*:*:*:*:*:* |
d-link | dns-320b_firmware | * | cpe:2.3:o:d-link:dns-320b_firmware:*:*:*:*:*:*:*:* |
dlink | dnr-326 | - | cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:* |
d-link | dnr-326_firmware | * | cpe:2.3:o:d-link:dnr-326_firmware:*:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
77.7%