CVE-2019-13101
CVE-2019-13101
An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/halencarjunior/dlkploit600★ 0cve_referencepacketstormsecurity.com/files/153994/D-Link-DIR-600M-Wireless-N-150-Home-Router-Access-Bypass.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47250unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/153994/D-Link-DIR-600M-Wireless-N-150-Home-Router-Access-Bypass.htmlhttp://seclists.org/fulldisclosure/2019/Aug/5https://github.com/d0x0/D-Link-DIR-600M/blob/master/CVE-2019-13101https://seclists.org/bugtraq/2019/Aug/17https://us.dlink.com/en/security-advisoryhttps://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf