{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32152", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "state": "PUBLISHED", "assignerShortName": "zdi", "dateReserved": "2023-05-03T20:10:47.060Z", "datePublished": "2024-05-03T01:56:36.008Z", "dateUpdated": "2024-09-18T18:28:18.459Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-09-18T18:28:18.459Z"}, "title": "D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability", "descriptions": [{"lang": "en", "value": "D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. A specially crafted login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-19549."}], "affected": [{"vendor": "D-Link", "product": "DIR-2640", "versions": [{"version": "1.11B02 (non-US, CA version)", "status": "affected"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-303", "description": "CWE-303: Incorrect Implementation of Authentication Algorithm", "type": "CWE"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-544/", "name": "ZDI-23-544", "tags": ["x_research-advisory"]}, {"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2023-05-03T15:16:43.026-05:00", "datePublic": "2023-05-04T17:16:38.365-05:00", "source": {"lang": "en", "value": "Anonymous"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}]}, "adp": [{"affected": [{"vendor": "d-link", "product": "dir-2640-us", "cpes": ["cpe:2.3:h:d-link:dir-2640-us:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "v1.11B02", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThanOrEqual": "v1.11B02 Beta01", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-08T17:52:09.343764Z", "id": "CVE-2023-32152", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-05T19:37:00.302Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:10:23.646Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-544/", "name": "ZDI-23-544", "tags": ["x_research-advisory", "x_transferred"]}, {"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323", "name": "vendor-provided URL", "tags": ["vendor-advisory", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32152", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "state": "PUBLISHED", "assignerShortName": "zdi", "dateReserved": "2023-05-03T20:10:47.060Z", "datePublished": "2024-05-03T01:56:36.008Z", "dateUpdated": "2024-06-05T19:37:00.302Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-05-03T01:56:36.008Z"}, "title": "D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability", "descriptions": [{"lang": "en", "value": "D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. A specially crafted login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19549."}], "affected": [{"vendor": "D-Link", "product": "DIR-2640", "versions": [{"version": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021", "status": "affected"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-303", "description": "CWE-303: Incorrect Implementation of Authentication Algorithm", "type": "CWE"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-544/", "name": "ZDI-23-544", "tags": ["x_research-advisory"]}, {"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2023-05-03T15:16:43.026-05:00", "datePublic": "2023-05-04T17:16:38.365-05:00", "source": {"lang": "en", "value": "Anonymous"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-32152", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-08T17:52:09.343764Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:d-link:dir-2640-us:-:*:*:*:*:*:*:*"], "vendor": "d-link", "product": "dir-2640-us", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "v1.11B02"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "v1.11B02 Beta01"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-08T17:51:57.275Z"}}]}}

{"descriptions": [{"lang": "en", "value": "D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. A specially crafted login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-19549."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n de contrase\u00f1a de inicio de sesi\u00f3n de D-Link DIR-2640 HNAP. Esta vulnerabilidad permite a atacantes adyacentes a la red eludir la autenticaci\u00f3n en las instalaciones afectadas de los enrutadores D-Link DIR-2640. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro de la interfaz de administraci\u00f3n web, que escucha en el puerto TCP 80 de forma predeterminada. Una solicitud de inicio de sesi\u00f3n especialmente manipulada puede hacer que la autenticaci\u00f3n se realice correctamente sin proporcionar las credenciales adecuadas. Un atacante puede aprovechar esta vulnerabilidad para eludir la autenticaci\u00f3n en el sistema. Era ZDI-CAN-19549."}], "id": "CVE-2023-32152", "lastModified": "2024-11-21T08:02:48.323", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}, "published": "2024-05-03T02:15:19.670", "references": [{"source": "zdi-disclosures@trendmicro.com", "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323"}, {"source": "zdi-disclosures@trendmicro.com", "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-544/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-544/"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-303"}], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}

{}