D-Link DIR-605L and DIR-618 Improper Access Control Vulnerability

Vulnerability

An improper access control vulnerability has been identified in the D-Link DIR-605L and DIR-618 routers, specifically in versions 2.02 and 3.02. This vulnerability resides in the web management interface, within the file '/goform/formTcpipSetup'. The issue allows unauthorized users to manipulate the TCP/IP service settings of the device by sending a crafted HTTP POST request. Exploitation of this vulnerability requires access to the local network, but no authentication is needed.

Impact

Exploitation of this vulnerability could lead to unauthorized modification of the device's TCP/IP service settings, potentially disrupting network connectivity or causing other configuration issues.

Reproduction

To reproduce this vulnerability, send an unauthenticated HTTP POST request to the '/goform/formTcpipSetup' endpoint, including a header that specifies 'formTcpipSetup', to manipulate the router's TCP/IP service settings.

Remediation

It is recommended to restrict access to the router's management interface with firewall rules so that only trusted hosts can reach it. Because the endpoint requires no authentication, any host that can reach the management interface on the local network can exploit the issue, so the allowed set should be kept as small as possible and requests to the endpoint from other hosts should be logged.
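As an added detection example (not part of the advisory and not D-Link's code), the script below scans access-log lines for POST requests to the endpoint named above that did not come from an approved management host. It assumes a Common Log Format feed from a reverse proxy or syslog collector in front of the router and a hypothetical allowlist of management addresses; the sample log lines are constructed, not captured from a real device.

```python
"""Flag configuration-change POSTs to the advisory's endpoint that did not come
from an approved management host. Log format and allowlist are assumptions."""
import ipaddress
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Endpoint named in the advisory.
AFFECTED_ENDPOINT = "/goform/formTcpipSetup"

# Hypothetical allowlist of hosts permitted to administer the router (assumption,
# not from the advisory). Anything else touching the endpoint is reviewed.
MANAGEMENT_HOSTS = frozenset({"192.168.0.10"})

# Common Log Format as a reverse proxy or syslog collector might record it
# (assumption: the router itself may not keep such a log).
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


@dataclass(frozen=True)
class Entry:
    src: str
    ts: str
    method: str
    path: str      # request target with any query string removed
    status: int


def parse_line(line: str) -> Optional[Entry]:
    """Parse one access-log line; return None for lines that do not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    try:
        ipaddress.ip_address(m["src"])   # drop lines whose source field is not an IP
    except ValueError:
        return None
    path = m["target"].split("?", 1)[0]
    return Entry(m["src"], m["ts"], m["method"], path, int(m["status"]))


def is_suspicious(e: Entry, allowlist: frozenset = MANAGEMENT_HOSTS) -> bool:
    """A POST to the affected endpoint from a non-management host is the pattern
    the advisory describes: no session is needed, so the source address is the
    only signal this log format offers."""
    return e.method == "POST" and e.path == AFFECTED_ENDPOINT and e.src not in allowlist


def scan(lines: Iterable[str], allowlist: frozenset = MANAGEMENT_HOSTS) -> List[Entry]:
    """Return the entries worth an analyst's attention, in log order."""
    findings = []
    for line in lines:
        e = parse_line(line)
        if e is not None and is_suspicious(e, allowlist):
            findings.append(e)
    return findings


# Constructed sample log, not captured from a real device.
SAMPLE_LOG = [
    '192.168.0.10 - - [09/Jun/2025:19:46:01 +0000] "POST /goform/formTcpipSetup HTTP/1.1" 200 512',
    '192.168.0.55 - - [09/Jun/2025:19:47:12 +0000] "GET /status.htm HTTP/1.1" 200 2048',
    '192.168.0.55 - - [09/Jun/2025:19:47:40 +0000] "POST /goform/formTcpipSetup HTTP/1.1" 200 512',
    '192.168.0.77 - - [09/Jun/2025:19:48:03 +0000] "POST /goform/formTcpipSetup?save=1 HTTP/1.1" 302 0',
    'not a log line',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f.ts} {f.src} POST {f.path} -> {f.status}  (unapproved host)")
```

Matching on the path with the query string stripped keeps a request such as `/goform/formTcpipSetup?save=1` from slipping past the filter; the allowlist is the one tunable, and shrinking it is the same control the remediation above describes.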

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 0.6
exploitability: 6.2
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to produce these eight vulnerability categories, which are then combined into the overall risk score.