Become a patron and gain access to the dashboard, Schedule scans, API and Search patron

Search for hundreds of thousands of exploits

"D-Link DSL-2640R - DNS Change"

Author

Exploit author

"Todor Donev"

Platform

Exploit platform

hardware

Release date

Exploit published date

2018-01-17

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
#
#
#  D-Link DSL-2640R Unauthenticated Remote DNS Change Vulnerability
#
#  Firmware Version: UK_1.06 Hardware Version: B1
#
#  Copyright 2018 (c) Todor Donev <todor.donev at gmail.com>
#
#  https://ethical-hacker.org/
#  https://facebook.com/ethicalhackerorg/
#
#  Description:  
#  The vulnerability exist in the web interface.
#  D-Link's various routers are susceptible to unauthorized DNS change. 
#  The problem is when entering an invalid / wrong user and password.  
#
#  ACCORDING TO THE VULNERABILITY DISCOVERER, MORE D-Link 
#  DEVICES MAY AFFECTED.
#
#  Once modified, systems use foreign DNS servers,  which are 
#  usually set up by cybercriminals. Users with vulnerable 
#  systems or devices who try to access certain sites are 
#  instead redirected to possibly malicious sites.
#  
#  Modifying systems' DNS settings allows cybercriminals to 
#  perform malicious activities like:
#
#    o  Steering unknowing users to bad sites: 
#       These sites can be phishing pages that 
#       spoof well-known sites in order to 
#       trick users into handing out sensitive 
#       information.
#
#    o  Replacing ads on legitimate sites: 
#       Visiting certain sites can serve users 
#       with infected systems a different set 
#       of ads from those whose systems are 
#       not infected.
#   
#    o  Controlling and redirecting network traffic: 
#       Users of infected systems may not be granted 
#       access to download important OS and software 
#       updates from vendors like Microsoft and from 
#       their respective security vendors.
#
#    o  Pushing additional malware: 
#       Infected systems are more prone to other 
#       malware infections (e.g., FAKEAV infection).
#
#  

Proof of Concept:

http://<TARGET>/Forms/dns_1?Enable_DNSFollowing=1&dnsPrimary=<MALICIOUS DNS>&dnsSecondary=<MALICIOUS DNS>
Release Date Title Type Platform Author
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "ILIAS Learning Management System 4.3 - SSRF" webapps multiple Dot
2020-12-02 "aSc TimeTables 2021.6.2 - Denial of Service (PoC)" local windows "Ismael Nava"
2020-12-02 "Microsoft Windows - Win32k Elevation of Privilege" local windows nu11secur1ty
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path" local windows "Manuel Alvarez"
2020-12-02 "Pharmacy Store Management System 1.0 - 'id' SQL Injection" webapps php "Aydın Baran Ertemir"
Release Date Title Type Platform Author
2020-11-30 "ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure" webapps hardware "Zagros Bingol"
2020-11-30 "Intelbras Router RF 301K 1.1.2 - Authentication Bypass" webapps hardware "Kaio Amaral"
2020-11-27 "Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21 - Remote Code Execution" webapps hardware "Emre SUREN"
2020-11-24 "Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE (Authenticated)" webapps hardware maj0rmil4d
2020-11-23 "TP-Link TL-WA855RE V5_200415 - Device Reset Auth Bypass" webapps hardware malwrforensics
2020-11-19 "Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure" remote hardware "Nitesh Surana"
2020-11-19 "Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification" webapps hardware "Ricardo Longatto"
2020-11-16 "Cisco 7937G - DoS/Privilege Escalation" remote hardware "Cody Martin"
2020-11-13 "ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit)" webapps hardware b1ack0wl
2020-11-13 "Citrix ADC NetScaler - Local File Inclusion (Metasploit)" webapps hardware "RAMELLA Sebastien"
Release Date Title Type Platform Author
2020-02-24 "SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure" webapps hardware "Todor Donev"
2020-02-24 "I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure" webapps hardware "Todor Donev"
2020-02-24 "SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure" webapps hardware "Todor Donev"
2020-02-24 "Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure" webapps hardware "Todor Donev"
2020-02-24 "ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure" webapps hardware "Todor Donev"
2020-02-19 "DBPower C300 HD Camera - Remote Configuration Disclosure" webapps hardware "Todor Donev"
2019-10-08 "Zabbix 4.4 - Authentication Bypass" webapps php "Todor Donev"
2019-09-23 "Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure" remote hardware "Todor Donev"
2019-09-09 "WordPress 5.2.3 - Cross-Site Host Modification" webapps php "Todor Donev"
2019-09-02 "Cisco Email Security Appliance (IronPort) C160 - 'Host' Header Injection" remote hardware "Todor Donev"
2019-09-02 "IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 - Arbitrary File Read" remote hardware "Todor Donev"
2019-05-24 "Opencart 3.0.3.2 - 'extension/feed/google_base' Denial of Service PoC" webapps php "Todor Donev"
2018-07-11 "Awk to Perl 1.007-5 - Buffer Overflow (PoC)" local linux "Todor Donev"
2018-06-22 "Opencart < 3.0.2.0 - Denial of Service" dos php "Todor Donev"
2018-04-02 "Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change" webapps hardware "Todor Donev"
2018-03-30 "Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change" webapps asp "Todor Donev"
2018-03-30 "Tenda W3002R/A302/w309r Wireless Router v5.07.64_en - Remote DNS Change (PoC)" webapps asp "Todor Donev"
2018-03-30 "Tenda W316R Wireless Router 5.07.50 - Remote DNS Change" webapps asp "Todor Donev"
2018-03-30 "Tenda FH303/A300 Firmware v5.07.68_EN - Remote DNS Change" webapps asp "Todor Donev"
2018-03-28 "Tenda N11 Wireless Router 5.07.43_en_NEX01 - Remote DNS Change" webapps hardware "Todor Donev"
2018-01-17 "D-Link DSL-2640R - DNS Change" webapps hardware "Todor Donev"
2017-06-18 "D-Link DSL-2640B ADSL Router - 'dnscfg' Remote DNS Change" webapps hardware "Todor Donev"
2017-06-17 "Beetel BCM96338 Router - DNS Change" webapps hardware "Todor Donev"
2017-06-17 "D-Link DSL-2640U - DNS Change" webapps hardware "Todor Donev"
2017-06-17 "UTstarcom WA3002G4 - DNS Change" webapps hardware "Todor Donev"
2017-06-16 "iBall Baton iB-WRA150N - DNS Change" webapps hardware "Todor Donev"
2017-01-22 "SunOS 5.11 ICMP - Denial of Service" dos unix "Todor Donev"
2017-01-19 "Tenda ADSL2/2+ Modem D820R - DNS Change" webapps hardware "Todor Donev"
2017-01-19 "Pirelli DRG A115 v3 ADSL Router - DNS Change" webapps hardware "Todor Donev"
2017-01-16 "Tenda ADSL2/2+ Modem D840R - DNS Change" webapps hardware "Todor Donev"
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/43678/?format=json')

For full documentation follow the link above

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.