CVE-2014-7859 - OpenCVE

Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows remote attackers to execute arbitrary code by crafting malformed "Host" and "Referer" header values.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
D-link	Dns-320lw Firmware Dns-327l Firmware Dns-322l Firmware Dnr-320l Firmware Dnr-326 Firmware
Dlink	Dnr-320l Dns-322l Dns-327l Dns-320lw Dnr-326

Configuration 1 [-]

AND

cpe:2.3:o:d-link:dns-322l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dns-322l:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:d-link:dns-320lw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:d-link:dnr-326_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:d-link:dns-327l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dns-327l:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:d-link:dnr-320l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dnr-320l:-:*:*:*:*:*:*:*

References

Link	Resource
http://packetstormsecurity.com/files/132075/D-Link-Bypass-Buffer-Overflow.html	Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2015/May/125	Mailing List Third Party Advisory VDB Entry
http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf	Technical Description Third Party Advisory
http://www.securityfocus.com/archive/1/535626/100/200/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/74878	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-08-25T18:00:00

Updated: 2018-10-09T18:57:01

Reserved: 2014-10-03T00:00:00

Link: CVE-2014-7859

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-08-25T18:29:00.340

Modified: 2023-04-26T18:55:30.893

Link: CVE-2014-7859

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-05-28T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows remote attackers to execute arbitrary code by crafting malformed \"Host\" and \"Referer\" header values."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/132075/D-Link-Bypass-Buffer-Overflow.html"}, {"name": "74878", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/74878"}, {"name": "20150528 [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/535626/100/200/threaded"}, {"name": "20150531 [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2015/May/125"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-7859", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows remote attackers to execute arbitrary code by crafting malformed \"Host\" and \"Referer\" header values."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://packetstormsecurity.com/files/132075/D-Link-Bypass-Buffer-Overflow.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/132075/D-Link-Bypass-Buffer-Overflow.html"}, {"name": "74878", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74878"}, {"name": "20150528 [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/535626/100/200/threaded"}, {"name": "20150531 [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/May/125"}, {"name": "http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf", "refsource": "CONFIRM", "url": "http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-7859", "datePublished": "2017-08-25T18:00:00", "dateReserved": "2014-10-03T00:00:00", "dateUpdated": "2018-10-09T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dns-322l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4D99719-4F61-484B-A0B7-A9C460699294", "versionEndIncluding": "2.00b07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dns-322l:-:*:*:*:*:*:*:*", "matchCriteriaId": "82DD4836-A87C-42CC-A41B-B97B1BCA4886", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dns-320lw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "739CD68E-CA42-4DFC-9AD5-FC9E7F0069F2", "versionEndIncluding": "1.03b04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:*", "matchCriteriaId": "45467ABC-BAA9-4EB0-9F97-92E31854CA8B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dnr-326_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E2C89BD-D934-407D-AD97-76A6AD866BAC", "versionEndIncluding": "1.40b03", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:*", "matchCriteriaId": "33CB308B-CF82-4E40-B2DC-23EBD48CD130", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dns-327l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABE0BD7C-20B3-42BF-8DFA-4866B797C320", "versionEndIncluding": "1.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dns-327l:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB305B29-7F89-4A52-9ECF-3DB0BDD2350D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:d-link:dnr-320l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "14CA3AA7-DC48-4C67-A559-A97997A57617", "versionEndIncluding": "1.03b04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dnr-320l:-:*:*:*:*:*:*:*", "matchCriteriaId": "C56ACD2C-F974-4F96-849F-4DFDD5E77050", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows remote attackers to execute arbitrary code by crafting malformed \"Host\" and \"Referer\" header values."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer basado en pila en login_mgr.cgi en D-Link firmware DNR-320L y DNS-320LW en versiones anteriores a la 1.04b08, DNR-322L en versiones anteriores a la 2.10 build 03, DNR-326 en versiones anteriores a la 2.10 build 03, y DNS-327L en versiones anteriores a la 1.04b01 permite que atacantes remotos ejecuten c\u00f3digo arbitrario mediante la manipulaci\u00f3n de valores de cabecera \"Host\" y \"Referer\" con formato incorrecto."}], "id": "CVE-2014-7859", "lastModified": "2023-04-26T18:55:30.893", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-08-25T18:29:00.340", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/132075/D-Link-Bypass-Buffer-Overflow.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory", "VDB Entry"], "url": "http://seclists.org/fulldisclosure/2015/May/125"}, {"source": "cve@mitre.org", "tags": ["Technical Description", "Third Party Advisory"], "url": "http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/535626/100/200/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/74878"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}