I’ve discovered new multiple CSRF vulnerabilities affecting D-Link DSL-2740B ADSL router allowing an attacker to carry out malicious activities, as:
- Disable/Enable Wireless MAC Address Filter.
- Disable/Enable all the Firewall protections (Both “SPI” and “DOS and Portscan Protection”).
- Enable/Disable Remote Management (in my exploit I enabled remote management via http – tcp port 80 – and ssh – tcp port 22 -).
Many other changes can be performed.
For more details please read my Original Advisory:
D-Link DSL-2740B Multiple CSRF Vulnerabilities
MITRE CVE Numbering Authority assigned me CVE-2013-5730 for these vulnerabilities.
The vendor (D-Link) confirmed this vulnerability and is pending a new firmware release that fixes this security issue:
My Advisory has been also published in the following web sites:
Japan CERT (Computer Emergency Response Team)