D-Link DIR-618 and DIR-605L Improper Access Control Vulnerability

Vulnerability

An improper access control vulnerability has been identified in the D-Link DIR-618 and DIR-605L routers, firmware versions 2.02 and 3.02. The web management interface exposes the /goform/formSetPortTr endpoint without checking that the caller has an authenticated session, so any host that can reach the interface can change the router's port rules by sending a crafted HTTP POST request. Exploitation requires access to the local network (the side on which the management interface is reachable); no credentials are needed.

Impact

An unauthenticated attacker on the local network can add or change port rules on the router without knowing the administrator password. Depending on the rules set, this can expose internal hosts or services to other network segments or to the Internet, bypassing the intended perimeter, or alter existing rules and disrupt the services that rely on them.

Reproduction

From a host on the router's local network, send an HTTP POST request to /goform/formSetPortTr on the management interface without logging in first, i.e. with no session cookie or credentials, and place the port-rule form fields in the request body. The advisory does not list the field names; take them from the router's own port-rule page (for example from the browser's network inspector while saving a rule through the normal UI). If the router answers 200 and applies the rule instead of redirecting to the login page, the access control is missing. A tool such as curl or Postman is sufficient. Test only devices you are authorized to modify, since a successful request changes the live configuration.

Remediation

This advisory does not reference a fixed firmware version. Until the vendor provides one, restrict access to the router's web management interface: place the router behind a firewall, or use network segmentation, so that only a trusted administrative host or VLAN can reach the interface, and make sure remote (WAN-side) management is disabled. Monitor for unexpected POST requests to /goform/formSetPortTr, and if the model is no longer supported by the vendor, plan to replace it.
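Restricting access is preventive; as an added example of the detection side (not part of the advisory, and not vendor code), the script below scans a Zeek http.log for POST requests to /goform/formSetPortTr whose source is not an approved administrative host. The Zeek default tab-separated format with a '#fields' header line is an assumption, and the embedded log lines are constructed for illustration; the admin allow-list and router address are parameters you supply.

```python
"""Flag POSTs to /goform/formSetPortTr from hosts that are not approved admins.

Added example, not from the advisory. Assumes a Zeek http.log in its default
tab-separated format with a '#fields' header; the sample below is constructed.
"""
import ipaddress

ENDPOINT = "/goform/formSetPortTr"

# Constructed sample: one POST from the admin workstation (192.168.0.10),
# one from another LAN host, and an unrelated GET.
SAMPLE_HTTP_LOG = (
    "#separator \\x09\n"
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\t"
    "trans_depth\tmethod\thost\turi\tstatus_code\n"
    "1749500000.123\tCa1\t192.168.0.10\t51234\t192.168.0.1\t80\t1\tPOST\t"
    "192.168.0.1\t/goform/formSetPortTr\t200\n"
    "1749500001.456\tCa2\t192.168.0.55\t40001\t192.168.0.1\t80\t1\tPOST\t"
    "192.168.0.1\t/goform/formSetPortTr\t200\n"
    "1749500002.789\tCa3\t192.168.0.55\t40002\t192.168.0.1\t80\t1\tGET\t"
    "192.168.0.1\t/index.htm\t200\n"
)


def parse_zeek_log(text):
    """Yield one dict per record, keyed by the names in the '#fields' line."""
    fields = None
    for line in text.splitlines():
        if not line.strip():
            continue
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
            continue
        if line.startswith("#"):
            continue  # other Zeek header/footer lines (#separator, #types, ...)
        if fields is None:
            raise ValueError("record before #fields header")
        yield dict(zip(fields, line.split("\t")))


def find_unauthorized_posts(log_text, admin_networks, router_hosts=None,
                            endpoint=ENDPOINT):
    """Return records for POSTs to `endpoint` from outside admin_networks.

    admin_networks: IPs or CIDRs allowed to administer the router.
    router_hosts:   optional set of router IPs; None means any destination.
    """
    allowed = [ipaddress.ip_network(n, strict=False) for n in admin_networks]
    hits = []
    for rec in parse_zeek_log(log_text):
        # Zeek's uri may carry a query string; compare the path only.
        path = rec.get("uri", "").split("?", 1)[0]
        if rec.get("method") != "POST" or path != endpoint:
            continue
        if router_hosts and rec.get("id.resp_h") not in router_hosts:
            continue
        src = ipaddress.ip_address(rec["id.orig_h"])
        if any(src in net for net in allowed):
            continue
        hits.append(rec)
    return hits


if __name__ == "__main__":
    for hit in find_unauthorized_posts(SAMPLE_HTTP_LOG, ["192.168.0.10"]):
        print(f"{hit['ts']} {hit['id.orig_h']} -> {hit['id.resp_h']} "
              f"POST {hit['uri']} status={hit['status_code']}")
```

Because the endpoint accepts requests without a session, the source address is the only signal available in the HTTP log; a hit from a non-admin host is worth treating as an attempt regardless of the status code.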

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 2.5
exploitability: 6.2
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.