D-Link DIR-1253 MESH Privilege Escalation Vulnerability

A privilege escalation vulnerability has been identified in the D-Link DIR-1253 MESH router, specifically in version 1.6.1684. The issue arises from a hardcoded credential embedded within the etc/shadow.sample file, which is utilized by the device's boot scripts. This vulnerability could potentially be exploited by accessing the device's serial pin, leading to further attacks.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, potentially enabling an attacker to gain elevated rights on the device.

Reproduction

The vulnerability can be reproduced by accessing the etc/shadow.sample file, which contains hardcoded credentials. These credentials are used by the device's boot scripts, creating a window for privilege escalation. Once the credentials are extracted, they can be used to escalate privileges, for example, by accessing the device through its serial pin.