CVE-2014-7857 : D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-

D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-326 1.40b03, DNS-320B 1.02b01, DNS-345 1.03b06, DNS-325 1.05b03, and DNS-322L 2.00b07 allow remote attackers to bypass authentication and log in with administrator permissions by passing the cgi_set_wto command in the cmd parameter, and setting the spawned session's cookie to username=admin.

Published 2017-08-25 18:29:00

Updated 2023-04-26 18:55:31

Source MITRE

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Products affected by CVE-2014-7857

D-link » Dns-322l Firmware
Versions up to, including, (<=) 2.00b07
cpe:2.3:o:d-link:dns-322l_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Dlink » Dns-322l » Version: N/A
D-link » Dns-325 Firmware
Versions up to, including, (<=) 1.05b03
cpe:2.3:o:d-link:dns-325_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Dlink » Dns-325 » Version: N/A
D-link » Dns-345 Firmware
Versions up to, including, (<=) 1.03b06
cpe:2.3:o:d-link:dns-345_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Dlink » Dns-345 » Version: N/A
D-link » Dns-320b Firmware
Versions up to, including, (<=) 1.02b01
cpe:2.3:o:d-link:dns-320b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Dlink » Dns-320b » Version: N/A
D-link » Dnr-326 Firmware
Versions up to, including, (<=) 1.40b03
cpe:2.3:o:d-link:dnr-326_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Dlink » Dnr-326 » Version: N/A
D-link » Dns-327l Firmware
Versions up to, including, (<=) 1.02
cpe:2.3:o:d-link:dns-327l_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Dlink » Dns-327l » Version: N/A
D-link » Dns-320l Firmware
Versions up to, including, (<=) 1.03b04
cpe:2.3:o:d-link:dns-320l_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Dlink » Dns-320l » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2014-7857

EPSS FAQ

1.96%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 82 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-7857

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2014-7857

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-7857

http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf

Technical Description

CVEs referencing this url
http://www.securityfocus.com/archive/1/535626/100/200/threaded

SecurityFocus

CVEs referencing this url
http://www.securityfocus.com/bid/74880

Multiple D-Link Products CVE-2014-7857 Multiple Authentication Bypass Vulnerabilities
Third Party Advisory;VDB Entry
http://seclists.org/fulldisclosure/2015/May/125

Mailing List;Third Party Advisory;VDB Entry

CVEs referencing this url
http://packetstormsecurity.com/files/132075/D-Link-Bypass-Buffer-Overflow.html

D-Link Bypass / Buffer Overflow ≈ Packet Storm
Third Party Advisory;VDB Entry

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2014-7857

Products affected by CVE-2014-7857

Exploit prediction scoring system (EPSS) score for CVE-2014-7857

CVSS scores for CVE-2014-7857

CWE ids for CVE-2014-7857

References for CVE-2014-7857