CVE-2019-18666 - Vulnerability Details - OpenCVE

An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested. Versions through 6.12b01 have weak root credentials, allowing an attacker to gain remote root access. After 6.12b01, the root credentials were changed but the telnet service can still be started without authorization.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Dlink	Dap-1360 Revision F Dap-1360 Revision F Firmware

Configuration 1 [-]

AND

cpe:2.3:o:dlink:dap-1360_revision_f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dap-1360_revision_f:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://c1a.eu/dlink-dap-1360.html
https://daschloer.github.io/sec/dlink-dap-1360.html
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10171

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-05-15T17:18:44

Updated: 2024-08-05T01:54:14.602Z

Reserved: 2019-11-02T00:00:00

Link: CVE-2019-18666

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-05-15T18:15:13.010

Modified: 2024-11-21T04:33:29.393

Link: CVE-2019-18666

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested. Versions through 6.12b01 have weak root credentials, allowing an attacker to gain remote root access. After 6.12b01, the root credentials were changed but the telnet service can still be started without authorization."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-05-15T17:18:44", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://c1a.eu/dlink-dap-1360.html"}, {"tags": ["x_refsource_MISC"], "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10171"}, {"tags": ["x_refsource_MISC"], "url": "https://daschloer.github.io/sec/dlink-dap-1360.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-18666", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested. Versions through 6.12b01 have weak root credentials, allowing an attacker to gain remote root access. After 6.12b01, the root credentials were changed but the telnet service can still be started without authorization."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://c1a.eu/dlink-dap-1360.html", "refsource": "MISC", "url": "http://c1a.eu/dlink-dap-1360.html"}, {"name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10171", "refsource": "MISC", "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10171"}, {"name": "https://daschloer.github.io/sec/dlink-dap-1360.html", "refsource": "MISC", "url": "https://daschloer.github.io/sec/dlink-dap-1360.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T01:54:14.602Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://c1a.eu/dlink-dap-1360.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10171"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://daschloer.github.io/sec/dlink-dap-1360.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-18666", "datePublished": "2020-05-15T17:18:44", "dateReserved": "2019-11-02T00:00:00", "dateUpdated": "2024-08-05T01:54:14.602Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dap-1360_revision_f_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF25920-0137-423F-8D6D-6509D59DC2D0", "versionEndIncluding": "6.12b01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dap-1360_revision_f:-:*:*:*:*:*:*:*", "matchCriteriaId": "013E7007-A652-4B77-A274-975D7387ABAD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested. Versions through 6.12b01 have weak root credentials, allowing an attacker to gain remote root access. After 6.12b01, the root credentials were changed but the telnet service can still be started without authorization."}, {"lang": "es", "value": "Se ha detectado un problema en los dispositivos D-Link DAP-1360 revision F. Los atacantes remotos pueden iniciar un servicio telnet sin autorizaci\u00f3n por medio de una petici\u00f3n HTTP no documentada. Aunque \u00e9sta es la principal vulnerabilidad, el impacto depende de la versi\u00f3n del firmware. Las versiones 609EU a 613EUbeta fueron probadas. Las versiones hasta la 6.12b01 contienen credenciales root d\u00e9biles, permitiendo a un atacante conseguir acceso root remoto. Despu\u00e9s de la versi\u00f3n 6.12b01, las credenciales root fueron cambiadas pero el servicio telnet todav\u00eda puede ser iniciado sin autorizaci\u00f3n."}], "id": "CVE-2019-18666", "lastModified": "2024-11-21T04:33:29.393", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-05-15T18:15:13.010", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "http://c1a.eu/dlink-dap-1360.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://daschloer.github.io/sec/dlink-dap-1360.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10171"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "http://c1a.eu/dlink-dap-1360.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://daschloer.github.io/sec/dlink-dap-1360.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10171"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "nvd@nist.gov", "type": "Primary"}]}