[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [FD] D-LINK admin password in plain text if "user" or "User" use blank password
From: Marty <noshishi8 () gmail ! com>
Date: 2019-06-25 16:35:35
Message-ID: 12fe359e-1915-b70c-8f63-2115e9cb5f99 () gmail ! com
[Download RAW message or body]
The problem in the following models :
DIR-652
DIR-615
DIR-827
DIR-615
DIR-657
DIR-825
If login to web interface as "User" or "user" , and navigate to url :
http://<ip>:port/wizard_wan.asp
in web code page:
view-source:<ip>:port/wizard_wan.asp
scroll down page and bang :
administrator password in plain text
ports : 8080 or 8081 .
---
Ta wiadomość została sprawdzona na obecność wirusów przez oprogramowanie antywirusowe Avast.
https://www.avast.com/antivirus
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic