Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2013-7471

Published: 11/06/2019 Updated: 23/04/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Dlink

Vulnerability Summary

An issue exists in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalClient, NewExternalPort, or NewInternalPort element of a SOAP POST request.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dlink dir-300_firmware 2.14b01

dlink dir-600_firmware

dlink dir-645_firmware

dlink dir-845_firmware

dlink dir-865_firmware 1.05b03

Vendor Advisories

Check Point Security Alerts: D-Link DIR-300 Firmware Command Injection (CVE-2013-7471)
Check Point Reference: CPAI-2013-3912 Date Published: 12 Mar 2024 Severity: Critical ...

References

CWE-77https://www.exploit-db.com/exploits/27044http://www.s3cur1ty.de/m1adv2013-020https://nvd.nist.govhttps://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2013-3912.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644unprivilegedCVE-2024-3494CVE-2024-22460CVE-2024-26026CVE-2024-23473firewallCVE-2024-28889XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook