Skip to main content

Dir 865L Firmware CVE-2020-13783

HIGH
Cleartext Storage of Sensitive Information (CWE-312)
2020-06-03 cve@mitre.org
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jun 03, 2020 - 17:15 nvd
HIGH 7.5

DescriptionNVD

D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information.

AnalysisAI

D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-312. D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information. Affected products include: Dlink Dir-865L Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2019-17621 CRITICAL POC
9.8 Dec 30

The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated rem

CVE-2018-6530 CRITICAL POC
9.8 Mar 06

OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_

CVE-2020-13786 HIGH POC
8.8 Jun 03

D-Link DIR-865L Ax 1.20B01 Beta devices allow CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely explo

CVE-2020-13782 HIGH POC
8.8 Jun 03

D-Link DIR-865L Ax 1.20B01 Beta devices allow Command Injection. Rated high severity (CVSS 8.8), this vulnerability is r

CVE-2020-13787 HIGH POC
7.5 Jun 03

D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of Sensitive Information. Rated high severity (CVSS

CVE-2020-13785 HIGH POC
7.5 Jun 03

D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength. Rated high severity (CVSS 7.5), this vulner

CVE-2020-13784 HIGH POC
7.5 Jun 03

D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator. Rated high severity

CVE-2020-25786 MEDIUM POC
6.1 Sep 19

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header.

CVE-2018-6529 MEDIUM POC
6.1 Mar 06

XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR

CVE-2018-6528 MEDIUM POC
6.1 Mar 06

XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DI

CVE-2018-6527 MEDIUM POC
6.1 Mar 06

XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous version

Share

CVE-2020-13783 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy