Exploits / Vulnerability Discovered : 2018-07-24 |
Type : webapps |
Platform : hardware
This exploit / vulnerability Dlink dap1360 path traversal / crosssite scripting is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: D-Link DAP-1360 File path traversal and Cross site
scripting[reflected] can lead to Authentication Bypass easily.
# Date: 20-07-2018
# Exploit Author: r3m0t3nu11
# Contact : http://twitter.com/r3m0t3nu11
# Vendor : www.dlink.com
# Version: Hardware version: F1
Firmware version: 6.O5
# Tested on:All Platforms
1) Description
After Successfully Connected to D-Link DIR-600
Router(FirmWare Version : 2.01), Any User Can Bypass The Router's
Root password as well bypass admin panel.
D-Link DAP-1360 devices with v6.x firmware allow remote attackers to
read passwords via a errorpage paramater which lead to absolute path
traversal attack,
Its More Dangerous when your Router has a public IP with remote login
enabled.
IN MY CASE,
Tested Router IP : http://192.168.70.69/
Video POC : https://www.dropbox.com/s/tvpq2jm3jv48j3c/D-link.mov?dl=0
2) Proof of Concept
Step 1: Go to
Router Login Page : http://192.168.70.69:80