###################################################################### # Exploit Title: {D-Link DSL-2750U} CSRF Vulnerability # Author: khaledmohdar(Mysterious guy) # E-mail: fighterxwar@gmail.com(www.facebook.com/khaledmohdar) # Category: Hardware # Google Dork: N/A # Vendor: http://www.dlink.com/ # Firmware Version: ME_1.09 # Product: http://www.dlinkmea.com/site/index.php/site/productDetails/232 # Tested on: Windows 7 32-bit ###################################################################### 1)Introduction ============== D-Link DSL-2750U High-Speed Internet The DSL-2750U Wireless N ADSL2+ 4-Port Wi-Fi Router is a versatile, high-performance router for home and the small office. With integrated ADSL2/2+ supporting download speeds up to 24 Mbps, firewall protection, Quality of Service (QoS), 802.11n wireless LAN, and 4 Ethernet switch ports, this router provides all the functions that a home or small office needs to establish a secure and high-speed link to the Internet. Ultimate Wireless Connection with Maximum Security ============================================ 2)Vulnerability Description This router allows an attacker to bypass authentication and login to the setup page after that just make any settings and save or apply it and it's going to say "worng old password" Don't worry just hit ok . now you are in the Router settings you can Download the config file or whatever yuo want! and now you can easily make a new settings Includes a new login password #Exploit ======== open this link 192.168.1.1/html/config then Wath my Video https://www.youtube.com/watch?v=-Yvs_sc1tjQБрой прочитания на тази страница: 1119
D-Link DSL-2750U ME_1.09 – CSRF Vulnerability