CVE-2020-13960 - OpenCVE

D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Dlink	Dir-600m Dir-600m Firmware Dsl-2730u Dsl-2730u Firmware

Configuration 1 [-]

AND

cpe:2.3:h:dlink:dsl-2730u:-:*:*:*:*:*:*:*

cpe:2.3:o:dlink:dsl-2730u_firmware:in_1.10:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:dlink:dir-600m:-:*:*:*:*:*:*:*

cpe:2.3:o:dlink:dir-600m_firmware:3.04:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://harigovind.org/articles/who-is-hijacking-my-nxdomains/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-06-08T19:26:41

Updated: 2024-08-04T12:32:14.443Z

Reserved: 2020-06-08T00:00:00

Link: CVE-2020-13960

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-06-08T20:15:11.633

Modified: 2021-04-23T15:15:21.793

Link: CVE-2020-13960

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-08T19:26:41", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://harigovind.org/articles/who-is-hijacking-my-nxdomains/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13960", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://harigovind.org/articles/who-is-hijacking-my-nxdomains/", "refsource": "MISC", "url": "https://harigovind.org/articles/who-is-hijacking-my-nxdomains/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:32:14.443Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://harigovind.org/articles/who-is-hijacking-my-nxdomains/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13960", "datePublished": "2020-06-08T19:26:41", "dateReserved": "2020-06-08T00:00:00", "dateUpdated": "2024-08-04T12:32:14.443Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dsl-2730u:-:*:*:*:*:*:*:*", "matchCriteriaId": "57EAA6ED-2686-4C92-A438-C58AFF75CC50", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dsl-2730u_firmware:in_1.10:*:*:*:*:*:*:*", "matchCriteriaId": "1090FABA-819F-4E99-A233-9FAA757041F8", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-600m:-:*:*:*:*:*:*:*", "matchCriteriaId": "D17C8001-4987-4A70-84C8-5AFF6F196BFB", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-600m_firmware:3.04:*:*:*:*:*:*:*", "matchCriteriaId": "0B7D2E32-92FB-4F68-94A3-FA129A51604C", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name."}, {"lang": "es", "value": "Los dispositivos D-Link DSL 2730-U versiones IN_1.10 e IN_1.11 y DIR-600M versiones 3.04, poseen la cadena domain.name en la ruta de b\u00fasqueda de resolutor DNS por defecto, lo que permite a atacantes remotos proveer respuestas DNS v\u00e1lidas (y tambi\u00e9n ofrecer servicios de Internet tales como HTTP) para nombres que de otro modo habr\u00edan tenido un error NXDOMAIN, al registrar un subdominio del nombre de dominio domain.name"}], "id": "CVE-2020-13960", "lastModified": "2021-04-23T15:15:21.793", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-08T20:15:11.633", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://harigovind.org/articles/who-is-hijacking-my-nxdomains/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}