CVE-2021-20133

{"id": "CVE-2021-20133", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:S/C:C/I:N/A:C", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 9.2, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 5.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 0.9}]}, "published": "2021-12-30T22:15:08.230", "references": [{"url": "https://www.tenable.com/security/research/tra-2021-44", "tags": ["Exploit", "Third Party Advisory"], "source": "vulnreport@tenable.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set the \"message of the day\" banner to any file on the system, allowing them to read all or some of the contents of those files. Such sensitive information as hashed credentials, hardcoded plaintext passwords for other services, configuration files, and private keys can be disclosed in this fashion. Improper handling of filenames that identify virtual resources, such as \"/dev/urandom\" allows an attacker to effect a denial of service attack against the command line interfaces of the Quagga services (zebra and ripd)."}, {"lang": "es", "value": "Los servicios de Quagga en los DIR-2640 de D-Link menores o iguales a versi\u00f3n 1.11B02, est\u00e1n afectados por una vulnerabilidad de salto de ruta absoluto que permite a un atacante remoto y autenticado establecer el banner \"message of the day\" en cualquier archivo del sistema, permiti\u00e9ndole leer todo o parte del contenido de esos archivos. De este modo, puede revelarse informaci\u00f3n confidencial como credenciales con hash, contrase\u00f1as en texto plano embebidas para otros servicios, archivos de configuraci\u00f3n y claves privadas. El manejo inapropiado de los nombres de archivo que identifican recursos virtuales, como \"/dev/urandom\", permite a un atacante realizar un ataque de denegaci\u00f3n de servicio contra las interfaces de l\u00ednea de comandos de los servicios Quagga (zebra y ripd).\n"}], "lastModified": "2022-01-12T20:03:49.230", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-2640-us_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACE0B76E-0581-4A2B-92D2-A1D7A93B098E", "versionEndIncluding": "1.11b02"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-2640-us:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "894C2BD1-B610-4F15-864E-92D6B515488D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "vulnreport@tenable.com"}