CVE-2015-2051
CVE-2015-2051
In short
A flaw in D-Link DIR-645 routers allows attackers to run any command they want by sending specially crafted requests to the router's HNAP interface. This is dangerous because attackers can take full control of the router without needing to log in first.
Technical detail
The HNAP interface in D-Link DIR-645 firmware 1.04b12 and earlier fails to properly validate or sanitize the GetDeviceSettings action, enabling unauthenticated remote command injection. An attacker can send a malicious HNAP request to execute arbitrary system commands with router privileges, leading to complete device compromise.
Summary generated and translated by AI from the official description.
The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/37171/unverifiedexploitdbwww.exploit-db.com/exploits/37171unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10051https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10282https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-2051https://www.exploit-db.com/exploits/37171/http://www.securityfocus.com/bid/72623http://www.securityfocus.com/bid/74870