D-Link DIR-615 Remote Exploit

December 15th, 2009

D-Link’s DIR-615 Wireless N Router (http://www.dlink.com/products/?pid=565) contains a flaw that allows attackers to access administrative functions without authorization. By simply requesting a certain URL, an attacker can perform numerous attacks, including changing the admin password, disabling wireless security, and changing DNS settings.

The hole is confirmed in firmware version 3.10NA.

Example (changes admin password to ‘pwdpwd’):
Change password on 192.168.0.1

  1. January 18th, 2010 at 06:25

    Nice find dude! ;) Quite similar to another issue I found back in 2005 :D

    http://seclists.org/fulldisclosure/2005/Apr/134

  2. peter
    February 2nd, 2010 at 02:25

    this didn’t work for me… but I managed to get a javascript hack working:
    execute this: send_submit("form2");

    http://schpet.blogspot.com/2009/07/hello-world.html

  3. Sel
    May 27th, 2010 at 19:01

    Does this work remotely/over the internet with port 8080?

  4. Ryan Brickwall
    February 23rd, 2011 at 01:06

    Hi there, I have a DIR-615 Hardware Version C1 running Firmware 3.10NA and none of these exploits affect my router. Am I doing something wrong or is my router patched somehow?

    Thanks
