How to bypass login D-Link router

0
1991

Recently, I have published another vulnerability of D-Link router. That router model is DIR-600M with firmware version is 3.04. This model is the home router model and D-Link. I got the CVE-2019-7736.

DLink DIR-600M

An unauthenticated user can visit the page “wan.htm” (if exposed to the internet) and obtain the admin account password in clear text.

Proof of concept

Proof of concept

I have got another CVE-2018-16605 number of D-Link router. The attack XSS vulnerability in firware. They don’t have sensitized input field. You can see Proof of concept of XSS.

LEAVE A REPLY

Please enter your comment!
Please enter your name here