Main Vulnerability Database SB2013101201

SB2013101201 - Backdoor in D-Link routers

Published: October 12, 2013 Updated: March 24, 2017

Security Bulletin ID SB2013101201

Severity

Critical

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security bypass (CVE-ID: CVE-2013-6026)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error in the alpha_auth_check() function. By setting the user agent string to xmlset_roodkcableoj28840ybtide, an attacker can send an HTTP request to bypass authentication and obtain administrative access to the device.

Successful exploitation of the vulnerability results in full access to the vulnerable system.

Note: the vulnerability was being actively exploited.

Remediation

Install update from vendor's website.

References

http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/

SB2013101201 - Backdoor in D-Link routers

Breakdown by Severity

Description

Remediation

References

Please verify you're human