D-Link DIR-618 and DIR-605L Access Control Vulnerability via formSetDomainFilter

Vulnerability

An improper access control vulnerability has been identified in the D-Link DIR-618 and DIR-605L routers, specifically in versions 2.02 and 3.02. The issue is in the web management interface, where an unspecified function behind the file '/goform/formSetDomainFilter' fails to properly restrict access. As a result, an unauthorized user can change parental control settings by sending a crafted, unauthenticated HTTP POST request. The vulnerability can only be exploited from within the local network.

Impact

Exploitation of this vulnerability could lead to unauthorized changes to parental control settings, so that content access on the affected device is no longer managed as its administrator intended.

Reproduction

To reproduce this vulnerability, send an unauthenticated HTTP POST request to the '/goform/formSetDomainFilter' endpoint. Ensure that the request is crafted to manipulate the domain filter settings, as the vulnerability lies in the improper handling of access controls for this function.

Remediation

It is recommended to apply restrictive firewall rules to block unauthorized access to the router's management interface.
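
Alongside the firewall rules, requests to the affected endpoint can be monitored. The following is an added example, not part of the original advisory: it flags POST requests to '/goform/formSetDomainFilter' that come from hosts outside an administrator allowlist. The log layout, the router address, the allowlist and the sample records are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

ENDPOINT = "/goform/formSetDomainFilter"  # path named in the advisory

# Assumptions (not from the advisory): router address and admin allowlist.
ROUTER_IP = "192.168.0.1"
ADMIN_HOSTS = {ipaddress.ip_address("192.168.0.10")}

# Constructed sample records in an assumed layout:
# timestamp, source IP, destination IP, method, URI, status
SAMPLE_LOG = """\
2025-06-09T19:02:11Z 192.168.0.10 192.168.0.1 POST /goform/formSetDomainFilter 200
2025-06-09T19:05:40Z 192.168.0.57 192.168.0.1 POST /goform/formSetDomainFilter 200
2025-06-09T19:05:58Z 192.168.0.57 192.168.0.1 GET / 200
2025-06-09T19:07:03Z 192.168.0.88 192.168.0.1 POST /goform/formSetDomainFilter?x=1 302
2025-06-09T19:09:30Z 192.168.0.57 192.168.0.20 POST /goform/formSetDomainFilter 404
malformed line
"""


def find_unapproved_filter_changes(log_text, router_ip=ROUTER_IP, admins=ADMIN_HOSTS):
    """Return (timestamp, source) for POSTs to ENDPOINT on the router from non-admin hosts."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip records that do not match the assumed layout
        ts, src, dst, method, uri, _status = fields
        try:
            src_ip = ipaddress.ip_address(src)
        except ValueError:
            continue  # skip records whose source is not a valid IP address
        # Match on the path only: ignore query string, trailing slash and case,
        # so trivially varied requests to the same endpoint are still flagged.
        path = urlsplit(uri).path.rstrip("/").lower()
        is_filter_post = method.upper() == "POST" and path == ENDPOINT.lower()
        if dst == router_ip and is_filter_post and src_ip not in admins:
            hits.append((ts, src))
    return hits


if __name__ == "__main__":
    for ts, src in find_unapproved_filter_changes(SAMPLE_LOG):
        print(f"{ts} domain filter change request from non-admin host {src}")
```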

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 0.6
exploitability: 6.2
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.