Vulnerability Description
An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sanitize input passed from the ping_ipaddr parameter to the tools_vct.htm diagnostic interface, allowing attackers to inject arbitrary shell commands using backtick encapsulation. With default credentials, an attacker can exploit this blind injection vector to execute arbitrary commands.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dir-615H Firmware | <= 8.04 |
| Dlink | Dir-615H | - |
Related Weaknesses (CWE)
References
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/expExploit
- https://web.archive.org/web/20150921102603/http://www.s3cur1ty.de/m1adv2013-008Third Party Advisory
- https://www.exploit-db.com/exploits/24477Exploit
- https://www.exploit-db.com/exploits/25609Exploit
- https://www.vulncheck.com/advisories/d-link-legacy-os-command-injectionThird Party Advisory
- https://www.exploit-db.com/exploits/24477Exploit
FAQ
What is CVE-2013-10059?
CVE-2013-10059 is a vulnerability with a CVSS score of 7.2 (HIGH). An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sani...
How severe is CVE-2013-10059?
CVE-2013-10059 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-10059?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-615H Firmware, Dlink Dir-615H.