Title: ==== D-link wireless router DI-524 – Multiple Cross-Site Request Forgery (CSRF) vulnerabilities Credit: ====== Name: Felipe de Souza Date: ===== 27-02-2017 Reference: ===== CVE-2017-5633 Vendor: ====== D-Link is the global leader in connectivity for small, medium and large enterprise business networking. Product: ======= D-Link DI-524 wireless router Product link: http://ift.tt/2lR5wp7 Abstract: ======= Cross-Site Request Forgery (CSRF) vulnerability in the D-LINK DI-524 wireless router enables an attacker to perform [1]device reboot, [2]change the admin password, [3]possibly have unspecified other impacts via crafted requests. Affected Version: ============= 9.01 Exploitation-Technique: =================== Remote Details: ======= An attacker who lures a D-Link DI-524 authenticated user to browse a malicious website or clicking in a crafted url can exploit cross site request forgery (CSRF). The attacker could changing the admin password or rebooting the device. Proof Of Concept: ================ [1] User login to DI-524 wireless router [2] User visits the attacker's malicious web page or clicking in a crafted link (exploit01.html | exploit02.html) [3] (exploit01.html) changes the admin password, (exploit02.html)cause device reboot. Exploit (exploit01.html):
Exploit (exploit02.html): Credits: ======= Felipe de Souza - Network Analyst & Programmer twitter: https://twitter.com/felipes01 Linkedin: http://ift.tt/2m6RtOI
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment