CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-1680

D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=111652806030943&w=2
http://www.vupen.com/english/advisories/2005/0573
http://marc.info/?l=bugtraq&m=111652806030943&w=2
http://www.vupen.com/english/advisories/2005/0573

Products affected by CVE-2005-1680

D-Link » Dsl-502t » Version: Any

cpe:2.3:h:d-link:dsl-502t:*
D-Link » Dsl-504t » Version: Any

cpe:2.3:h:d-link:dsl-504t:*
D-Link » Dsl-562t » Version: Any

cpe:2.3:h:d-link:dsl-562t:*
D-Link » Dsl-G604t » Version: Any

cpe:2.3:h:d-link:dsl-g604t:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-1680

Products

Pricing

Contact Us