CVE-2013-6026

Severity

99%

Complexity

99%

Confidentiality

165%

The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.

The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 11 years ago

2013-10-19 10:36:00

Last updated 11 years ago

2013-10-21 16:40:00

Affected Software

D-Link DI-524UP Router

D-Link DI-604+ Router

D-Link DI-604S Router

D-Link DI-604UP Router

D-Link DI-624S Router

D-Link DIR-100 Router

D-Link DIR-120 Router

D-Link TM-G5240 Router

AlphaNetworks VDSL ASL 55052 Router

AlphaNetworks VDSL ASL 56552 Router

Planex BRL-04CW Router

Planex BRL-04R Router

Planex BRL-04UR Router

References

http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/

Exploit

http://www.dlink.com/uk/en/support/security

VU#248083

US Government Resource

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.