DLINK DPH-400SE Exposure of Sensitive Information

2023.09.09

Credit: tahaafarooq

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title : DLINK DPH-400SE - Exposure of Sensitive Information
# Date : 25-08-2023
# Exploit Author : tahaafarooq
# Vendor Homepage : https://dlink.com/
# Version : FRU2.2.15.8
# Tested on: DLINK DPH-400SE (VoIP Phone)
Description:
With default credential for the guest user "guest:guest" to login on the web portal, the guest user can head to maintenance tab under access and modify the users which allows guest user to modify all users as well as view passwords for all users. For a thorough POC writeup visit: https://hackmd.io/@tahaafarooq/dlink-dph-400se-cwe-200
POC :
1. Login with the default guest credentials "guest:guest"
2. Access the Maintenance tab.
3. Under the maintenance tab, access the "Access" feature
4. On "Account Option" choose a user to modify, thus "Admin" and click modify.
5. Right click on the password, and click reveal, the password is then seen in plaintext.

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

DLINK DPH-400SE Exposure of Sensitive Information

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.