Information Disclosure Vulnerability in D-Link DIR-100 Router
CVE-2013-7055

9.8CRITICAL

Key Information:

Vendor
D-Link
Status
Dir-100 Firmware
Vendor
CVE Published:
4 February 2020

Summary

The D-Link DIR-100 router version 4.03B07 is susceptible to an information disclosure vulnerability that exposes sensitive details, including PPTP and Power over Ethernet (PoE) settings. This flaw allows unauthorized users to access confidential information, potentially leading to further exploitation of the compromised system. Network administrators should apply available patches and monitor their environments to mitigate risks associated with this vulnerability.

References

http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/90903
x_refsource_MISC
https://www.securityfocus.com/bid/65290/info
x_refsource_MISC

EPSS Score

33% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.