Skip to content
Nuclei Templates

D-Link DIR-816L - Improper Access Control

ID: CVE-2022-28955

Severity: high

Author: arafatansari

Tags: cve2022,cve,dlink,exposure

Description

Section titled “Description”

D-Link DIR-816L_FW206b01 is susceptible to improper access control. An attacker can access folders folder_view.php and category_view.php and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations.

YAML Source

Section titled “YAML Source”
id: CVE-2022-28955


info:
  name: D-Link DIR-816L - Improper Access Control
  author: arafatansari
  severity: high
  description: |
    D-Link DIR-816L_FW206b01 is susceptible to improper access control. An attacker can access folders folder_view.php and category_view.php and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to sensitive information or control of the affected router.
  remediation: |
    Apply the latest firmware update provided by D-Link to fix the access control issue.
  reference:
    - https://github.com/shijin0925/IOT/blob/master/DIR816/1.md
    - https://www.dlink.com/en/security-bulletin/
    - https://nvd.nist.gov/vuln/detail/CVE-2022-28955
    - https://github.com/ARPSyndicate/cvemon
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2022-28955
    cwe-id: CWE-287
    epss-score: 0.02487
    epss-percentile: 0.89836
    cpe: cpe:2.3:o:dlink:dir-816l_firmware:206b01:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: dlink
    product: dir-816l_firmware
    shodan-query:
      - http.html:"DIR-816L"
      - http.html:"dir-816l"
    fofa-query: body="dir-816l"
  tags: cve2022,cve,dlink,exposure


http:
  - method: GET
    path:
      - "{{BaseURL}}/category_view.php"
      - "{{BaseURL}}/folder_view.php"


    stop-at-first-match: true


    matchers-condition: and
    matchers:
      - type: word
        words:
          - '<title>SharePort Web Access</title>'


      - type: status
        status:
          - 200
# digest: 4a0a0047304502210098d3d18190d2ebb4631c04057106343b59878a049debe5aea043de6ff5f3b6360220519ae3c4d1c09f075bcb3100a4954eb41523d25d31024891c2299c6a6f549c74:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-28955.yaml"

View on Github