Vulnerability Details : CVE-2014-100005
Public exploit exists!
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account or (2) enable remote management via a crafted configuration module to hedwig.cgi, (3) activate new configuration settings via a SETCFG,SAVE,ACTIVATE action to pigwidgeon.cgi, or (4) send a ping via a ping action to diagnostic.php.
Vulnerability category: Cross-site request forgery (CSRF)
Products affected by CVE-2014-100005
- cpe:2.3:o:dlink:dir-600_firmware:*:*:*:*:*:*:*:*
CVE-2014-100005 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name: D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability
CISA required action: This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.
CISA description: D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.
Notes: https://legacy.us.dlink.com/pages/product.aspx?id=4587b63118524aec911191cc81605283; https://nvd.nist.gov/vuln/detail/CVE-2014-100005
Added on: 2024-05-16
Action due date: 2024-06-06
Exploit prediction scoring system (EPSS) score for CVE-2014-100005
EPSS score: 31.36% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~96% (the proportion of vulnerabilities scored at or below this level)
Metasploit modules for CVE-2014-100005
- D-Link DIR-645 / DIR-815 diagnostic.php Command Execution
  Disclosure Date: 2013-03-05
  First seen: 2020-04-26
  Module: exploit/linux/http/dlink_diagnostic_exec_noauth
  Description: Some D-Link Routers are vulnerable to OS Command injection in the web interface. On DIR-645 versions prior to 1.03 authentication isn't needed to exploit it. On version 1.03 authentication is needed in order to trigger the vulnerability, which has been fixed definitel
CVSS scores for CVE-2014-100005
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
| 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P | 8.6 | 6.4 | NIST | |
| 8.0 | HIGH | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.1 | 5.9 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-08-01 |
| 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST | 2024-08-13 |
CWE ids for CVE-2014-100005
- The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
  Assigned by:
  - 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
  - nvd@nist.gov (Primary)
References for CVE-2014-100005
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91794
  D-Link DIR-600 settings cross-site request forgery CVE-2014-100005 Vulnerability Report (Third Party Advisory; VDB Entry)
- http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10018
  D-Link Technical Support (Patch; Vendor Advisory)
- http://resources.infosecinstitute.com/csrf-unauthorized-remote-admin-access/
  From CSRF to Unauthorized Remote Admin Access (Exploit; Third Party Advisory)
- http://secunia.com/advisories/57304
  (Broken Link)