HomePentest-Tools.com Logo

D-Link Multiple Devices Backdoor CVE-2013-6026

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Various D-Link DSL routers are susceptible to a remote authentication bypass vulnerability.

Risk description

By setting the User-Agent header to xmlset_roodkcableoj28840ybtide, it is possible to access the web interface without any authentication. This vulnerability allows remote attackers to gain complete administrative access to affected devices.

Recommendation

Ask the Vendor for an update.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 19, 2013
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available