CVE-2024-30220

Command injection vulnerability in PLANEX COMMUNICATIONS wireless LAN routers allows a network-adjacent unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port. Note that MZK-MF300N is no longer supported, therefore the update for this...

D-Link Patches Backdoor Vulnerabilities in Routers

D-Link has patched a backdoor present in a number of its routers that was publicized almost two months ago and could allow an attacker to remotely access the administrative panel on the hardware, run code and make any number of changes. The Thanksgiving patch parade addressed the issue in a numbe...

PT-2013-5931 · D Link +2 · D-Link Di-604 +8

Name of the Vulnerable Software and Affected Versions: D-Link DIR-100 D-Link DIR-120 D-Link DI-624S D-Link DI-524UP D-Link DI-604S D-Link DI-604UP D-Link DI-604+ D-Link TM-G5240 Planex BRL-04R Planex BRL-04UR Planex BRL-04CW Alpha Networks routers affected versions not specified Description: The...

VulnCheck KEV: CVE-2013-6026

The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an...

http-dlink-backdoor NSE Script

Detects a firmware backdoor on some D-Link routers by changing the User-Agent to a "secret" value. Using the "secret" User-Agent bypasses authentication and allows admin access to the router. The following router models are likely to be vulnerable: DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S,...

D-Link routers authenticate administrative access using specific User-Agent string

Overview Various D-Link routers allow administrative web actions if the HTTP request contains a specific User-Agent string. This backdoor allows an attacker to bypass password authentication and access the router's administrative web interface. Planex and Alpha Networks devices may also be...