CVE-2017-3192
high-risk
Published 2017-12-16
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently protect administrator credentials. The tools_admin.asp page discloses the administrator password in base64 encoding in the returned web page. A remote attacker with access to this page (potentially through a authentication bypass such as CVE-2017-3191) may obtain administrator credentials for the device.
Do I need to act?
!
27.7% chance of exploitation in next 30 days
EPSS score — higher than 72% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (2)
Affected Vendors
References (8)
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/123292
Issue Tracking
https://www.kb.cert.org/vuls/id/553503
Third Party Advisory
https://www.scmagazine.com/d-link-dir-130-and-dir-330-routers-vulnerable/article...
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/123292
Issue Tracking
https://www.kb.cert.org/vuls/id/553503
Third Party Advisory
https://www.scmagazine.com/d-link-dir-130-and-dir-330-routers-vulnerable/article...
54
/ 100
high-risk
Severity
32/34 · Critical
Exploitability
15/34 · Moderate
Exposure
7/34 · Low