CVE-2016-1558

Published on: 04/21/2017 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:05 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Dap-2230 from D-link contain the following vulnerability:

Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and earlier allows remote attackers to have unspecified impact via a crafted 'dlink_uid' cookie.

  • CVE-2016-1558 has been assigned by [email protected] to track the vulnerability - currently rated as CRITICAL severity.

CVSS3 Score: 9.8 - CRITICAL

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS2 Score: 10 - HIGH

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

CVE References

Description: Full Disclosure: D-Link, Netgear Router Vulnerabiltiies
Tags: Mailing List, Third Party Advisory
Link: seclists.org (text/html), FULLDISC 20160225 D-Link, Netgear Router Vulnerabiltiies

Description: FIRMADYNE CVE-2016-1558 & CVE-2016-1559 | D-Link
Tags: Patch, Vendor Advisory
Link: web.archive.org (text/html; Inactive Link, Not Archived), CONFIRM www.dlink.com/mk/mk/support/support-news/2016/march/16/firmadyne-cve_2016_1558-cve_2016_1559

Description: D-Link / Netgear FIRMADYNE Command Injection / Buffer Overflow ≈ Packet Storm
Tags: Broken Link, Third Party Advisory, VDB Entry
Link: packetstormsecurity.com (text/html), MISC packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html

Known Affected Configurations (CPE V2.3)

Type              Vendor  Product            Version  Update  Edition  Language
Hardware          D-link  Dap-2230           -        All     All      All
Operating System  D-link  Dap-2230 Firmware  1.02     All     All      All
Hardware          D-link  Dap-2310           -        All     All      All
Operating System  D-link  Dap-2310 Firmware  2.06     All     All      All
Hardware          D-link  Dap-2330           -        All     All      All
Operating System  D-link  Dap-2330 Firmware  1.06     All     All      All
Hardware          D-link  Dap-2360           -        All     All      All
Operating System  D-link  Dap-2360 Firmware  2.06     All     All      All
Hardware          D-link  Dap-2553           -        All     All      All
Operating System  D-link  Dap-2553 Firmware  3.05     All     All      All
Hardware          D-link  Dap-2660           -        All     All      All
Operating System  D-link  Dap-2660 Firmware  1.11     All     All      All
Hardware          D-link  Dap-2690           -        All     All      All
Operating System  D-link  Dap-2690 Firmware  3.15     All     All      All
Hardware          D-link  Dap-2695           -        All     All      All
Operating System  D-link  Dap-2695 Firmware  1.16     All     All      All
Hardware          D-link  Dap-3320           -        All     All      All
Operating System  D-link  Dap-3320 Firmware  1.00     All     All      All
Hardware          D-link  Dap-3662           -        All     All      All
Operating System  D-link  Dap-3662 Firmware  1.01     All     All      All

  • cpe:2.3:h:d-link:dap-2230:-:*:*:*:*:*:*:*
  • cpe:2.3:o:d-link:dap-2230_firmware:1.02:*:*:*:*:*:*:*
  • cpe:2.3:h:d-link:dap-2310:-:*:*:*:*:*:*:*
  • cpe:2.3:o:d-link:dap-2310_firmware:2.06:*:*:*:*:*:*:*
  • cpe:2.3:h:d-link:dap-2330:-:*:*:*:*:*:*:*
  • cpe:2.3:o:d-link:dap-2330_firmware:1.06:*:*:*:*:*:*:*
  • cpe:2.3:h:d-link:dap-2360:-:*:*:*:*:*:*:*
  • cpe:2.3:o:d-link:dap-2360_firmware:2.06:*:*:*:*:*:*:*
  • cpe:2.3:h:d-link:dap-2553:-:*:*:*:*:*:*:*
  • cpe:2.3:o:d-link:dap-2553_firmware:3.05:*:*:*:*:*:*:*
  • cpe:2.3:h:d-link:dap-2660:-:*:*:*:*:*:*:*
  • cpe:2.3:o:d-link:dap-2660_firmware:1.11:*:*:*:*:*:*:*
  • cpe:2.3:h:d-link:dap-2690:-:*:*:*:*:*:*:*
  • cpe:2.3:o:d-link:dap-2690_firmware:3.15:*:*:*:*:*:*:*
  • cpe:2.3:h:d-link:dap-2695:-:*:*:*:*:*:*:*
  • cpe:2.3:o:d-link:dap-2695_firmware:1.16:*:*:*:*:*:*:*
  • cpe:2.3:h:d-link:dap-3320:-:*:*:*:*:*:*:*
  • cpe:2.3:o:d-link:dap-3320_firmware:1.00:*:*:*:*:*:*:*
  • cpe:2.3:h:d-link:dap-3662:-:*:*:*:*:*:*:*
  • cpe:2.3:o:d-link:dap-3662_firmware:1.01:*:*:*:*:*:*:*