var-201406-0031
Vulnerability from variot
Directory traversal vulnerability in the TFTP server in D-Link DIR-601 Wireless N150 Home Router with firmware 1.02NA allows remote attackers to read arbitrary files via unspecified vectors. The D-Link DIR-601 is a wireless router device. The attacker performs the WAN interface monitored by the TFTP server without authentication. D-Link DIR-601 is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to gain access to system and other configuration files. D-Link DIR-601 1.02NA is vulnerable; other versions may be affected. ----------------------------------------------------------------------
SC Magazine awards the Secunia CSI a 5-Star rating Top-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296
TITLE: 2X ApplicationServer TuxSystem ActiveX Control "ExportSettings()" Insecure Method
SECUNIA ADVISORY ID: SA47657
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47657/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47657
RELEASE DATE: 2012-02-03
DISCUSS ADVISORY: http://secunia.com/advisories/47657/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47657/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47657
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Andrea Micalizzi has discovered a vulnerability in 2X ApplicationServer TuxSystem ActiveX Control, which can be exploited by malicious people to manipulate certain data.
The vulnerability is caused due to the TuxSystem ActiveX control (TuxScripting.dll) providing an insecure "ExportSettings()" method, which can be exploited to create or overwrite arbitrary files in the context of the currently logged-on user.
The vulnerability is confirmed in version 10.1 Build 1224.
SOLUTION: Set the kill-bit for the affected ActiveX control.
PROVIDED AND/OR DISCOVERED BY: Andrea Micalizzi (rgod) via Secunia.
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
SOLUTION: Disable the TFTP service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0031",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dir-601",
"scope": "eq",
"trust": 1.4,
"vendor": "d link",
"version": "1.02na"
},
{
"model": "dir-601",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "1.02na"
},
{
"model": "dir-601",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "dir-601 1.02na",
"scope": null,
"trust": 0.9,
"vendor": "d link",
"version": null
},
{
"model": "dir-601",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0378"
},
{
"db": "BID",
"id": "51659"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005336"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-012"
},
{
"db": "NVD",
"id": "CVE-2011-4821"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:d-link:dir-601",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:d-link:dir-601_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005336"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rob Kraus and Solutionary Engineering Research Team",
"sources": [
{
"db": "BID",
"id": "51659"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-012"
}
],
"trust": 0.9
},
"cve": "CVE-2011-4821",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-4821",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-52766",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-4821",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-4821",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-012",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-52766",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52766"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005336"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-012"
},
{
"db": "NVD",
"id": "CVE-2011-4821"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in the TFTP server in D-Link DIR-601 Wireless N150 Home Router with firmware 1.02NA allows remote attackers to read arbitrary files via unspecified vectors. The D-Link DIR-601 is a wireless router device. The attacker performs the WAN interface monitored by the TFTP server without authentication. D-Link DIR-601 is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. \nExploiting this issue can allow an attacker to gain access to system and other configuration files. \nD-Link DIR-601 1.02NA is vulnerable; other versions may be affected. ----------------------------------------------------------------------\n\nSC Magazine awards the Secunia CSI a 5-Star rating\nTop-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296 \n\n----------------------------------------------------------------------\n\nTITLE:\n2X ApplicationServer TuxSystem ActiveX Control \"ExportSettings()\"\nInsecure Method\n\nSECUNIA ADVISORY ID:\nSA47657\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47657/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47657\n\nRELEASE DATE:\n2012-02-03\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47657/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47657/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47657\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nAndrea Micalizzi has discovered a vulnerability in 2X\nApplicationServer TuxSystem ActiveX Control, which can be exploited\nby malicious people to manipulate certain data. \n\nThe vulnerability is caused due to the TuxSystem ActiveX control\n(TuxScripting.dll) providing an insecure \"ExportSettings()\" method,\nwhich can be exploited to create or overwrite arbitrary files in the\ncontext of the currently logged-on user. \n\nThe vulnerability is confirmed in version 10.1 Build 1224. \n\nSOLUTION:\nSet the kill-bit for the affected ActiveX control. \n\nPROVIDED AND/OR DISCOVERED BY:\nAndrea Micalizzi (rgod) via Secunia. \n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nSOLUTION:\nDisable the TFTP service",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4821"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005336"
},
{
"db": "CNVD",
"id": "CNVD-2012-0378"
},
{
"db": "BID",
"id": "51659"
},
{
"db": "VULHUB",
"id": "VHN-52766"
},
{
"db": "PACKETSTORM",
"id": "109399"
},
{
"db": "PACKETSTORM",
"id": "109461"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4821",
"trust": 3.4
},
{
"db": "BID",
"id": "51659",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "47762",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005336",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201202-012",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2012-0378",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-52766",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "47657",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109399",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109461",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0378"
},
{
"db": "VULHUB",
"id": "VHN-52766"
},
{
"db": "BID",
"id": "51659"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005336"
},
{
"db": "PACKETSTORM",
"id": "109399"
},
{
"db": "PACKETSTORM",
"id": "109461"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-012"
},
{
"db": "NVD",
"id": "CVE-2011-4821"
}
]
},
"id": "VAR-201406-0031",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0378"
},
{
"db": "VULHUB",
"id": "VHN-52766"
}
],
"trust": 1.2740741
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0378"
}
]
},
"last_update_date": "2024-08-14T12:45:51.019000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.dlink-jp.com/"
},
{
"title": "DIR-601",
"trust": 0.8,
"url": "http://www.dlink.com/us/en/home-solutions/connect/routers/dir-601-wireless-n-150-home-router"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005336"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52766"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005336"
},
{
"db": "NVD",
"id": "CVE-2011-4821"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.solutionary.com/research/vulnerability-disclosures/2012/01/d-link-dir-601-tftp-directory-traversal-vulnerability"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/archive/1/521369"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/51659"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/47762"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4821"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4821"
},
{
"trust": 0.3,
"url": "http://www.dlink.com/"
},
{
"trust": 0.3,
"url": "/archive/1/521369"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/blog/296"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47657/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47657"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47657/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47762/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47762"
},
{
"trust": 0.1,
"url": "http://www.solutionary.com/index/sert/vuln-disclosures/d-link_dir-601.php"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47762/#comments"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0378"
},
{
"db": "VULHUB",
"id": "VHN-52766"
},
{
"db": "BID",
"id": "51659"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005336"
},
{
"db": "PACKETSTORM",
"id": "109399"
},
{
"db": "PACKETSTORM",
"id": "109461"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-012"
},
{
"db": "NVD",
"id": "CVE-2011-4821"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-0378"
},
{
"db": "VULHUB",
"id": "VHN-52766"
},
{
"db": "BID",
"id": "51659"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005336"
},
{
"db": "PACKETSTORM",
"id": "109399"
},
{
"db": "PACKETSTORM",
"id": "109461"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-012"
},
{
"db": "NVD",
"id": "CVE-2011-4821"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0378"
},
{
"date": "2014-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-52766"
},
{
"date": "2012-01-25T00:00:00",
"db": "BID",
"id": "51659"
},
{
"date": "2014-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-005336"
},
{
"date": "2012-02-03T12:32:59",
"db": "PACKETSTORM",
"id": "109399"
},
{
"date": "2012-02-06T04:01:44",
"db": "PACKETSTORM",
"id": "109461"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-012"
},
{
"date": "2014-06-20T14:55:04.687000",
"db": "NVD",
"id": "CVE-2011-4821"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0378"
},
{
"date": "2014-06-23T00:00:00",
"db": "VULHUB",
"id": "VHN-52766"
},
{
"date": "2012-01-25T00:00:00",
"db": "BID",
"id": "51659"
},
{
"date": "2014-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-005336"
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-012"
},
{
"date": "2023-04-26T19:27:52.350000",
"db": "NVD",
"id": "CVE-2011-4821"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-012"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DIR-601 TFTP Server Directory Traversal Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0378"
},
{
"db": "BID",
"id": "51659"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-012"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…