Skip to content
/ CVE-2017-6206 Public

The DGS-1510 Websmart switch series firmware has been found to have security vulneratiblies. The vulnerabilities include unauthenticated command bypass and unauthenticated information disclosure.

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

varangamin/CVE-2017-6206

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits

README.md

README.md

 
 

exploit.sh

exploit.sh

 
 

get-user-info.py

get-user-info.py

 
 

user_add.py

user_add.py

 
 

Repository files navigation

CVE-2017-6206

The DGS-1510 Websmart switch series firmware has been found to have security vulneratiblies. The vulnerabilities include unauthenticated command bypass and unauthenticated information disclosure.

exploit.sh contains both PoC code and it will create a remote user at specified D-Link Enterprise Switch Without Authentication

vamin$ sh exploit.sh "1.1.1.1"

####################################################################

exploit.sh

D-link DGS Authentication Bypass 0-day

By : Varang Amin & Aditya Sood

#####################################################################

Steps

  1. Collect The User Info From DGS Vulnerable Switch
  2. Add a user name dlinktest into DGS swith
  3. Collect The User Info & verify the new dlinktest  user added with Admin Access

About

The DGS-1510 Websmart switch series firmware has been found to have security vulneratiblies. The vulnerabilities include unauthenticated command bypass and unauthenticated information disclosure.

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages