D-Link DSL-2750U Multiple Authentication Bypass Vulnerabilities

D-Link DSL-2750U is prone to multiple authentication-bypass vulnerabilities.

An attacker can exploit these issues to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks.

D-Link DSL-2750U Router 1.11 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 109351
Class: Input Validation Error
CVE: CVE-2019-1010155
CVE-2019-1010156

Remote: Yes
Local: No
Published: Jul 23 2019 12:00AM
Updated: Jul 23 2019 12:00AM
Credit: ADMIN_Joker
Vulnerable: D-Link DSL-2750U 1.11

Not Vulnerable:

Exploit

The researcher has created a proof-of-concept to demonstrate these issues. Please see the references for more information.

References:

D-Link Homepage (D-Link)
CVE-2019-1010155 (Tenable)
CVE-2019-1010156 (Tenable)

Source: www.securityfocus.com

Exploit Collector

Search Exploit