CVE-2023-32148

D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management interface, which listens on TCP port 80 by default. A crafted XML element in the login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19545.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector : AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323
https://www.zerodayinitiative.com/advisories/ZDI-23-540/

Configurations

No configuration.

History

No history.

Information

Published : 2024-05-03 02:15

Updated : 2024-05-03 12:50

NVD link : CVE-2023-32148

Mitre link : CVE-2023-32148

CVE.ORG link : CVE-2023-32148

JSON object : View

Products Affected

No product.

CWE

CWE-303

Incorrect Implementation of Authentication Algorithm

{"id": "CVE-2023-32148", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "zdi-disclosures@trendmicro.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-05-03T02:15:18.940", "references": [{"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323", "source": "zdi-disclosures@trendmicro.com"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-540/", "source": "zdi-disclosures@trendmicro.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "zdi-disclosures@trendmicro.com", "description": [{"lang": "en", "value": "CWE-303"}]}], "descriptions": [{"lang": "en", "value": "D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. A crafted XML element in the login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19545."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n de inicio de sesi\u00f3n privado de D-Link DIR-2640 HNAP. Esta vulnerabilidad permite a atacantes adyacentes a la red eludir la autenticaci\u00f3n en las instalaciones afectadas de los enrutadores D-Link DIR-2640. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro de la interfaz de administraci\u00f3n web, que escucha en el puerto TCP 80 de forma predeterminada. Un elemento XML manipulado en la solicitud de inicio de sesi\u00f3n puede provocar que la autenticaci\u00f3n se realice correctamente sin proporcionar las credenciales adecuadas. Un atacante puede aprovechar esta vulnerabilidad para eludir la autenticaci\u00f3n en el sistema. Era ZDI-CAN-19545."}], "lastModified": "2024-05-03T12:50:34.250", "sourceIdentifier": "zdi-disclosures@trendmicro.com"}