CVE-2017-9100

CVE-2017-9100

EPSS 85.5%

login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.exploit-db.com/exploits/42039/https://www.youtube.com/watch?v=waIJKWCpyNQ http://touhidshaikh.com/blog/poc/d-link-dir600-auth-bypass/