D-Link DIR-605L and DIR-618 Improper Access Control Vulnerability in DDNS Service

Vulnerability

A vulnerability exists in the D-Link DIR-605L and DIR-618 routers, specifically in versions 2.02 and 3.02. The issue arises within the DDNS service component, particularly in the '/goform/formSetDDNS' file. The flaw is improper access control, which enables unauthorized users to manipulate DDNS settings. Exploitation requires no authentication and must be initiated from within the local network.

Impact

Exploitation of this vulnerability allows for unauthorized modification of DDNS settings, potentially leading to misdirection of network traffic or disruption of services that rely on dynamic DNS.

Reproduction

To reproduce this vulnerability, send an unauthenticated HTTP POST request to the '/goform/formSetDDNS' endpoint. The request must include the appropriate headers to indicate the DDNS service settings being modified. This can be done using tools that allow for the crafting of HTTP requests, such as Postman or curl.

Remediation

It is recommended to implement firewall rules to block unauthorized access to the vulnerable DDNS service endpoint.
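
Alongside the firewall rule, requests to the endpoint can be monitored. The following is an added example, not part of the original advisory: it scans HTTP access logs for POSTs to '/goform/formSetDDNS' from hosts outside an admin allowlist. The Common Log Format input, the sensor that would produce it, the allowlisted address and the sample lines are all assumptions made for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote

# Endpoint named in the advisory, lower-cased for comparison.
DDNS_PATH = "/goform/formsetddns"

# Hypothetical allowlist: the only host expected to administer the router.
ADMIN_HOSTS = [ipaddress.ip_network("192.168.0.10/32")]

# Common Log Format: client ident user [time] "METHOD target PROTO" status
CLF = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def normalized_path(target):
    """Drop the query string, decode, lower-case and tidy slashes before matching."""
    path = unquote(target.split("?", 1)[0]).lower()
    return re.sub(r"/{2,}", "/", path).rstrip("/")

def is_admin(src):
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # hostname or junk in the client field: treat as untrusted
    return any(addr in net for net in ADMIN_HOSTS)

def suspicious_ddns_changes(lines):
    """Return (timestamp, source, status) for each POST to the DDNS handler
    that did not come from an allowlisted admin host."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m or m["method"] != "POST":
            continue
        if normalized_path(m["target"]) == DDNS_PATH and not is_admin(m["src"]):
            hits.append((m["ts"], m["src"], int(m["status"])))
    return hits

# Constructed sample log lines (not captured from a real device).
SAMPLE = [
    '192.168.0.10 - - [09/Jun/2025:19:40:01 +0000] "POST /goform/formSetDDNS HTTP/1.1" 200 312',
    '192.168.0.57 - - [09/Jun/2025:19:41:12 +0000] "POST /goform/formSetDDNS HTTP/1.1" 200 312',
    '192.168.0.57 - - [09/Jun/2025:19:41:30 +0000] "GET / HTTP/1.1" 200 1044',
    '192.168.0.88 - - [09/Jun/2025:19:42:05 +0000] "POST /goform/formSetDDNS/?x=1 HTTP/1.1" 200 312',
]
```

A hit with status 200 from a non-admin host is worth following up by comparing the router's current DDNS settings against the intended configuration.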

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 0.6
exploitability: 6.2
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.