I’ve discovered a new vulnerability affecting D-Link DSL-2740B ADSL Wifi Router, which allows an attacker to completely bypass the authentication of this device and gain administrative access.
Fore more details, please read my Advisory:
D-Link DSL-2740B (ADSL Router) Authentication Bypass
MITRE CVE Numbering Authority assigned me CVE-2013-2271 for this vulnerability.
NIST – NVD (Nation Vulnerability Database) published my Advisory:
Department of Homeland Security / US-CERT published my Advisory into the Security Bulletin SB13-329:
The vendor (D-Link) confirmed this vulnerability and is pending a new firmware release that fixes this security issue:
This advisory has been also published in the following web sites:
Japan CERT (Computer Emergency Response Team)