Security Bypass Vulnerability in D-Link DIR-100 Router
CVE-2013-7052

9.8CRITICAL

Key Information:

Vendor
D-Link
Status
Dir-100 Firmware
Vendor
CVE Published:
4 February 2020

Summary

The D-Link DIR-100 router is susceptible to a security bypass vulnerability that results from a flaw in the cliget.cgi script. Attackers exploiting this vulnerability can bypass authentication mechanisms, potentially gaining unauthorized access to the device's configuration settings and network. This type of vulnerability poses significant risks to users as it can facilitate further attacks on the network or devices connected to it. Users of affected versions are highly encouraged to apply available security updates and implement strong security measures to mitigate risks. Leveraging robust network security practices is crucial to safeguard against such vulnerabilities.

References

http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/90902
x_refsource_MISC
https://www.securityfocus.com/bid/65290
x_refsource_MISC

EPSS Score

27% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.