Vulnerability Details CVE-2015-1187
The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.782
EPSS Ranking 98.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
Proposed Action
The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.
Ransomware Campaign
Unknown
References
- http://packetstormsecurity.com/files/130607/D-Link-DIR636L-Remote-Command-Injection.html
- http://packetstormsecurity.com/files/131465/D-Link-TRENDnet-NCC-Service-Command-Injection.html
- http://seclists.org/fulldisclosure/2015/Mar/15
- http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10052
- http://www.securityfocus.com/bid/72848
- https://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2
- http://packetstormsecurity.com/files/130607/D-Link-DIR636L-Remote-Command-Injection.html
- http://packetstormsecurity.com/files/131465/D-Link-TRENDnet-NCC-Service-Command-Injection.html
- http://seclists.org/fulldisclosure/2015/Mar/15
- http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10052
- http://www.securityfocus.com/bid/72848
- https://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2
Products affected by CVE-2015-1187
-
cpe:2.3:h:dlink:dir-626l:-
-
cpe:2.3:h:dlink:dir-636l:-
-
cpe:2.3:h:dlink:dir-651:-
-
cpe:2.3:h:dlink:dir-808l:-
-
cpe:2.3:h:dlink:dir-810l:-
-
cpe:2.3:h:dlink:dir-820l:-
-
cpe:2.3:h:dlink:dir-826l:-
-
cpe:2.3:h:dlink:dir-830l:-
-
cpe:2.3:h:dlink:dir-836l:-
-
cpe:2.3:h:trendnet:tew-651br:-
-
cpe:2.3:h:trendnet:tew-652br:-
-
cpe:2.3:h:trendnet:tew-711br:-
-
cpe:2.3:h:trendnet:tew-731br:-
-
cpe:2.3:h:trendnet:tew-810dr:-
-
cpe:2.3:h:trendnet:tew-813dru:-
-
cpe:2.3:o:dlink:dir-626l_firmware:1.04
-
cpe:2.3:o:dlink:dir-636l_firmware:1.04
-
cpe:2.3:o:dlink:dir-651_firmware:1.10na
-
cpe:2.3:o:dlink:dir-808l_firmware:1.03
-
cpe:2.3:o:dlink:dir-810l_firmware:1.01
-
cpe:2.3:o:dlink:dir-810l_firmware:2.02
-
cpe:2.3:o:dlink:dir-820l_firmware:1.02
-
cpe:2.3:o:dlink:dir-820l_firmware:1.05
-
cpe:2.3:o:dlink:dir-820l_firmware:2.01
-
cpe:2.3:o:dlink:dir-826l_firmware:1.00
-
cpe:2.3:o:dlink:dir-830l_firmware:1.00
-
cpe:2.3:o:dlink:dir-836l_firmware:1.01
-
cpe:2.3:o:trendnet:tew-651br_firmware:-
-
cpe:2.3:o:trendnet:tew-652br_firmware:-
-
cpe:2.3:o:trendnet:tew-711br_firmware:1.00
-
cpe:2.3:o:trendnet:tew-731br_firmware:2.01
-
cpe:2.3:o:trendnet:tew-810dr_firmware:1.00
-
cpe:2.3:o:trendnet:tew-813dru_firmware:1.00