D-Link DSL-2740B Multiple CSRF Vulnerabilities | CVE-2013-5730

I’ve discovered new multiple CSRF vulnerabilities affecting D-Link DSL-2740B ADSL router allowing an attacker to carry out malicious activities, as:

  • Disable/Enable Wireless MAC Address Filter.
  • Disable/Enable all the Firewall protections (Both “SPI” and “DOS and Portscan Protection”).
  • Enable/Disable Remote Management (in my exploit I enabled remote management via http – tcp port 80 – and ssh – tcp port 22 -).

Many other changes can be performed.

For more details please read my Original Advisory:
D-Link DSL-2740B Multiple CSRF Vulnerabilities

MITRE CVE Numbering Authority assigned me CVE-2013-5730 for these vulnerabilities.

The vendor (D-Link) confirmed this vulnerability and  is pending a new firmware release that fixes this security issue:
http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10004

My Advisory has been also published in the following web sites:
http://www.securityfocus.com/bid/62356/
http://secunia.com/advisories/54795
http://www.exploit-db.com/exploits/28239/
http://1337day.com/exploits/21225
http://osvdb.org/show/osvdb/97278
http://xforce.iss.net/xforce/xfdb/87036
http://packetstormsecurity.com/files/123200/D-Link-DSL-2740B-Cross-Site-Request-Forgery.html
http://www.securelist.com/en/advisories/54795
http://www.scip.ch/en/?vuldb.10296
http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10004
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5730
http://cert-mu.gov.mu/English/Pages/Vulnerability%20Notes/2013/VN-2013-220.aspx
http://en.securitylab.ru/nvd/447902.php
Japan CERT (Computer Emergency Response Team)

Leave a Reply

Your email address will not be published. Required fields are marked *


six + 8 =

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>