D-Link DIR-605L and DIR-619L Information Disclosure Vulnerability via DHCP Client Information Handler

Vulnerability

An information disclosure vulnerability has been identified in D-Link DIR-605L and DIR-619L routers running firmware versions 2.06B01 and 2.13B01. The issue arises from improper access control in the DHCP Client Information Handler, which allows unauthorized access to sensitive network information. The vulnerability can be exploited remotely and without authentication through pages that expose details about active DHCP clients, such as internal IP addresses, MAC addresses, hostnames, and lease statuses. This information could be used to map internal network assets and identify active devices.

Impact

Exploitation of this vulnerability allows for unauthorized access to sensitive network information, including details about active DHCP clients and their connected devices, which could be used to infer the internal network topology.

Reproduction

The vulnerability can be reproduced by accessing the 'dhcp_clients.asp', 'dyn_clients_only.asp', or 'wifi_assoc.asp' pages on the affected routers without any authentication. This can be done remotely, and the pages disclose sensitive information about the network's DHCP clients and connected devices.

Remediation

It is recommended to apply restrictive firewalling to mitigate this vulnerability.
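
To spot requests for the three pages named under Reproduction, the following added example (not part of the original advisory) scans HTTP sensor logs for successful fetches and rates those from outside the LAN higher. The key=value log layout, the LAN range 192.168.0.0/24 and the function name are assumptions; the sample lines are constructed.

```python
import ipaddress
import re
from urllib.parse import unquote, urlsplit

# Page names taken from the advisory's Reproduction section.
EXPOSED_PAGES = {"dhcp_clients.asp", "dyn_clients_only.asp", "wifi_assoc.asp"}

# Assumed sensor log layout (hypothetical): key=value fields after a timestamp.
FIELD_RE = re.compile(r"(\w+)=(\S+)")

def find_disclosure_hits(log_lines, lan_cidr="192.168.0.0/24"):
    """Return one record per successful request for an exposed page."""
    lan = ipaddress.ip_network(lan_cidr)
    hits = []
    for line in log_lines:
        fields = dict(FIELD_RE.findall(line))
        if not {"src", "uri", "status"} <= fields.keys():
            continue  # malformed or unrelated line
        # Normalise: drop the query string, decode %XX, compare lowercase basename.
        path = unquote(urlsplit(fields["uri"]).path)
        page = path.rsplit("/", 1)[-1].lower()
        if page not in EXPOSED_PAGES or fields["status"] != "200":
            continue
        try:
            external = ipaddress.ip_address(fields["src"]) not in lan
        except ValueError:
            continue  # unparseable source address
        hits.append({"src": fields["src"], "page": page,
                     "severity": "high" if external else "review"})
    return hits

# Constructed sample lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    "2026-02-06T13:01:22Z src=203.0.113.7 dst=192.168.0.1 uri=/dhcp_clients.asp status=200",
    "2026-02-06T13:01:25Z src=203.0.113.7 dst=192.168.0.1 uri=/wifi%5Fassoc.asp?t=1 status=200",
    "2026-02-06T13:02:10Z src=192.168.0.23 dst=192.168.0.1 uri=/DYN_CLIENTS_ONLY.ASP status=200",
    "2026-02-06T13:03:00Z src=198.51.100.9 dst=192.168.0.1 uri=/dhcp_clients.asp status=404",
    "2026-02-06T13:03:05Z src=192.168.0.23 dst=192.168.0.1 uri=/index.asp status=200",
]

if __name__ == "__main__":
    for hit in find_disclosure_hits(SAMPLE_LOG):
        print(hit)
```

A "high" hit means one of the pages was served to a source outside the configured LAN range; "review" hits come from inside it and may be ordinary administration.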

Added: Feb 6, 2026, 1:19 PM
Updated: Feb 6, 2026, 3:20 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 0.6
exploitability: 9.1
remediation: 7.9
relevance: 2.9
threat: 6.4
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.