Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

D-LINK Central WifiManager (CWM 100) 1.03 r0098 Man-In-The-Middle Vulnerability

🗓️ 09 Nov 2018 00:00:00Reported by hyp3rlinxType 
zdt
 zdt🔗 0day.today👁 224 Views

D-LINK CWM-100 1.03 r0098 FTP Server PORT Bounce Scan Vulnerabilit

Related
Code
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the FTP Server component of the software controller in D-Link Central WiFi Manager allows a hacker to scan network ports and execute a “man-in-the-middle” attack.
22 Jan 201900:00
bdu_fstec
CNVD		D-LINK Central WifiManager CWM-100 FTP Server Port Bounce Scanning Vulnerability
12 Nov 201800:00
cnvd
CVE		CVE-2018-15516
31 Jan 201919:00
cve
Cvelist		CVE-2018-15516
31 Jan 201919:00
cvelist
EUVD		EUVD-2018-7393
7 Oct 202500:30
euvd
NVD		CVE-2018-15516
31 Jan 201919:29
nvd
OSV		CVE-2018-15516
31 Jan 201919:29
osv
Packet Storm		D-LINK Central WifiManager (CWM 100) 1.03 r0098 Man-In-The-Middle
9 Nov 201800:00
packetstorm
Prion		Server side request forgery (ssrf)
31 Jan 201919:29
prion
Positive Technologies		PT-2018-2192 · D Link · D-Link Central Wifimanager Cwm-100
9 Aug 201800:00
ptsecurity
Rows per page
[+] Credits: John Page (aka hyp3rlinx)    
[+] Website: hyp3rlinx.altervista.org
[+] Source:  http://hyp3rlinx.altervista.org/advisories/DLINK-CENTRAL-WIFI-MANAGER-CWM-100-FTP-SERVER-PORT-BOUNCE-SCAN.txt
[+] ISR: ApparitionSec          
 

***Greetz: indoushka | Eduardo B.***


[Vendor]
us.dlink.com


[Product]
D-LINK Central WifiManager (CWM 100)
Version 1.03 r0098
http://us.dlink.com/products/business-solutions/central-wifimanager-software-controller/

D-Links free Central WiFiManager is a web-based wireless Access Point management tool, enabling you to create and manage multi-site, multi-tenancy wireless networks.


[Vulnerability Type]
FTP Server PORT Bounce Scan


[CVE Reference]
CVE-2018-15516


[Security Issue]
The FTP Server component of the D-LINK Central WifiManager can be used as a man-in-the-middle machine allowing PORT Command bounce scan attacks.
This vulnerability allows remote attackers to abuse your network and discreetly conduct network port scanning. Victims will then think these
scans are originating from the D-LINK network running the afflicted FTP Server and not you.


[Exploit/POC]
D-LINK CWM-100 FTP Server listens on port 9000 (default), default creds are "admin" "admin"

nmap -v -b admin:[email protected]:9000  <TARGET-IP> -p 21,22,23,53,445


[POC Video URL]
https://vimeo.com/299797225

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
09 Nov 2018 00:00Current
0.5Low risk
Vulners AI Score0.5
CVSS 23.5
CVSS 35.8
EPSS0.02276
d-link central wifimanagervulnerabilityftp serverport bounce scanman-in-the-middlenetworkexploitnmappoc video
224