| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.1 | $0-$5k | 0.00 |
A vulnerability classified as problematic was found in D-Link DIR 1.02/1.12 (Router Operating System). This vulnerability affects an unknown function of the component URL Filter Handler. The manipulation with an unknown input leads to a input validation vulnerability. The CWE definition for the vulnerability is CWE-20. The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly. As an impact it is known to affect integrity. CVE summarizes:
The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters.
The weakness was presented 09/08/2008 by Marc Ruef with scip AG as not defined mailinglist post (Full-Disclosure). The advisory is shared for download at seclists.org. This vulnerability was named CVE-2008-4133 since 09/19/2008. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details are unknown but a public exploit is available.
It is possible to download the exploit at youtube.com. It is declared as highly functional. As 0-day the estimated underground price was around $25k-$100k.
Upgrading eliminates this vulnerability.
The vulnerability is also documented in the vulnerability database at X-Force (44961).
Product
Type
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
Video
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 5.1
VulDB Base Score: 5.3
VulDB Temp Score: 5.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Input validationCWE: CWE-20
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Highly functional
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Timeline
08/29/2008 🔍09/08/2008 🔍
09/08/2008 🔍
09/08/2008 🔍
09/09/2008 🔍
09/19/2008 🔍
09/19/2008 🔍
03/16/2021 🔍
Sources
Vendor: dlink.comAdvisory: seclists.org
Researcher: Marc Ruef
Organization: scip AG
Status: Not defined
CVE: CVE-2008-4133 (🔍)
X-Force: 44961 - D-Link DIR-100 Web proxy filter security bypass, Medium Risk
SecurityTracker: 1020825 - D-Link DIR-100 Router URL Filter Can Be Bypassed By Remote Users
SecurityFocus: 31050 - D-Link DIR-100 Security Bypass Vulnerability
Secunia: 31767 - D-Link DIR-100 Ethernet Broadband Router URL Filtering Bypass, Less Critical
OSVDB: 47961 - D-Link DIR-100 Ethernet Broadband Router Long URL Filtering Bypass
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 08/29/2008 13:05Updated: 03/16/2021 18:52
Changes: 08/29/2008 13:05 (72), 10/08/2018 14:55 (4), 03/16/2021 18:52 (7)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.