NVD

Id
84731  
Name
CVE-2017-6190  
Description
Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET /uir/ request.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-04-27  
Published
2017-04-10  
Modified Date
2017-04-14  
Seq
2017-6190  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
417561 84731 CVE-2017-2671 [oss-security] 20170404 Re: Linux kernel ping socket / AF_LLC connect() sin_family race  View
417562 84731 CVE-2017-2671 97407  View
417563 84731 CVE-2017-2671 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/net/ipv4/ping.c?id=43a6684519ab0a6c52024b5e25322476cabad893  View
417564 84731 CVE-2017-2671 https://github.com/danieljiang0415/android_kernel_crash_poc  View
417565 84731 CVE-2017-2671 https://github.com/torvalds/linux/commit/43a6684519ab0a6c52024b5e25322476cabad893  View
417566 84731 CVE-2017-2671 https://twitter.com/danieljiang0415/status/845116665184497664  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
66757 JVNDB-2017-003082 D-Link DWR-116 デバイスのファームウェアの Web インターフェースにおけるディレクトリトラバーサルの脆弱性 D-Link DWR-116 デバイスのファームウェアの Web インターフェースには、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2017-6190 0 CVE-2017-6190 84731 5 7.5 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-003082.html 2017-04-07 2017-05-15 View