Published: 19/11/2013 Updated: 19/11/2013

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

VMScore: 765

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote malicious users to bypass authentication and gain administrator access via a request to login.cgi.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dlink dsl-2740b_firmware -
dlink dsl-2740b -

+------------------------------------------------------------------------------------------------------------------------------------------+ # Exploit Title : D-Link DSL-2740B (ADSL Router) Authentication Bypass # Date : 10-02-2013 # Author : Ivano Binetti (ivanobinetticom) # Vendor site : wwwd- ...

D-Link DSL-2740B ADSL router suffers from an administrative authentication bypass vulnerability ...

CWE-264 http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10004 http://www.webapp-security.com/2013/03/d-link-dsl-2740b-adsl-router-authentication-bypass http://www.webapp-security.com/wp-content/uploads/2013/03/D-Link-DSL-2740B-ADSL-Router-Authentication-Bypass2.txt http://packetstormsecurity.com/files/120613/dlinkdsl2740b-bypass.txt https://nvd.nist.gov https://www.exploit-db.com/exploits/24563/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-2271

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect