CVE-2021-40654 D-Link DIR-615 Authentication Bypass

Introduction

An information disclosure issue in the D-Link DIR-615 B2 (firmware 2.01mt) can be exploited to gain access to the device: the configuration endpoint returns account details to an unauthenticated request, which can then be used to log in.

Exploit

1. Open the device's login page through the Burp Suite proxy. Click the Login button and intercept the request.

2. Change the HTTP method from GET to POST.

3. Change the URL to /getcfg.php.

4. Set the POST body to SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1, followed by a newline.

5. Forward the request and view the response in the HTTP history tab. Find the password in the response and use it to log in to the device.
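The request shape in the steps above is distinctive enough to detect. The script below is an added example, not code from the original post or from D-Link: it scans proxy-style log lines for an unauthenticated POST to /getcfg.php whose body asks for DEVICE.ACCOUNT together with AUTHORIZED_GROUP. The log format (one JSON object per line with src, method, path, body and an `authenticated` flag derived from the session) is an assumption, the sample lines are constructed, and treating the SERVICES value as a comma-separated list is also an assumption about how the endpoint is called.

```python
"""Detection helper for the /getcfg.php authentication-bypass pattern.

Added example code, not part of the original post or of D-Link firmware.
Assumptions: the log is one JSON object per line, and a reverse proxy in
front of the device has already marked each request with an
"authenticated" boolean based on its session state.
"""
import json
from typing import Dict, List
from urllib.parse import parse_qs

# Services whose disclosure to an unauthenticated caller is the concern here.
SENSITIVE_SERVICES = {"DEVICE.ACCOUNT"}

# Constructed sample log: only the second line should be flagged.
SAMPLE_LOG = """\
{"src": "192.0.2.10", "method": "GET", "path": "/login.php", "body": "", "authenticated": false}
{"src": "192.0.2.10", "method": "POST", "path": "/getcfg.php", "body": "SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1", "authenticated": false}
{"src": "192.0.2.44", "method": "POST", "path": "/getcfg.php", "body": "SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1", "authenticated": true}
"""


def is_bypass_attempt(entry: Dict) -> bool:
    """Return True when a log entry matches the unauthenticated config read."""
    if entry.get("method", "").upper() != "POST":
        return False
    # Compare the path without any query string that may be appended.
    path = entry.get("path", "").split("?", 1)[0]
    if path != "/getcfg.php":
        return False
    params = parse_qs(entry.get("body", ""), keep_blank_values=True)
    # SERVICES may name several services separated by commas (assumption).
    services = {s for value in params.get("SERVICES", []) for s in value.split(",")}
    asks_for_sensitive = bool(services & SENSITIVE_SERVICES)
    sets_group = "AUTHORIZED_GROUP" in params
    return asks_for_sensitive and sets_group and not entry.get("authenticated", False)


def scan_log(text: str) -> List[Dict]:
    """Scan newline-delimited JSON and return one finding per matching line."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the scan
        if is_bypass_attempt(entry):
            findings.append({"line": lineno, "src": entry.get("src"), "path": path_of(entry)})
    return findings


def path_of(entry: Dict) -> str:
    """Path without query string, for reporting."""
    return entry.get("path", "").split("?", 1)[0]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(f"line {finding['line']}: unauthenticated config read from {finding['src']}")
```

A hit from this scanner means a client read account data without a session; the follow-up is to check that source against the device's own login history and to keep the management interface off untrusted networks until the firmware is updated. Matching only on the path would also fire on legitimate configuration reads, which is why the body parameters and the session state are both part of the condition.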

