Proof-of-Concept exploits for D-Link DIR8xx routers
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


phpcgi is responsible for processing requests to .php, .asp and .txt pages. Also, it checks whether a user is authorized or not. Nevertheless, if a request is crafted in a proper way, an attacker can easily bypass authorization and execute a script that returns a login and password to a router.


Due to error in hnap protocol implementation we can overflow stack and execute any sh commands under root priviliges.


If you have access to an ethernet port you can upload custom firmware to a device because system recovery service is started and available for a few seconds after restart.