How to bypass login D-Link router


Recently, I have published another vulnerability of D-Link router. That router model is DIR-600M with firmware version is 3.04. This model is the home router model and D-Link. I got the CVE-2019-7736.

DLink DIR-600M

An unauthenticated user can visit the page “wan.htm” (if exposed to the internet) and obtain the admin account password in clear text.

Proof of concept

Proof of concept

I have got another CVE-2018-16605 number of D-Link router. The attack XSS vulnerability in firware. They don’t have sensitized input field. You can see Proof of concept of XSS.


Please enter your comment!
Please enter your name here