This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Access Control Error in D-Link DIR-600M. Users can access `wan.htm` without authentication. π **Consequences**: Information leakage of WAN data & potential modification of page data fields.
Q2Root Cause? (CWE/Flaw)
π‘οΈ **Root Cause**: Missing Access Control. The system fails to verify user identity before serving sensitive configuration files (`wan.htm`). No specific CWE ID provided in data.
Q3Who is affected? (Versions/Components)
π¦ **Affected**: D-Link DIR-600M routers. Specifically versions **3.02, 3.03, 3.04, and 3.06** as per Nuclei templates. π Vendor: D-Link (Taiwan).
Q4What can hackers do? (Privileges/Data)
π **Attacker Actions**: 1. Read sensitive WAN configuration info. 2. Modify data fields on the page. β οΈ No login required to start.
Q5Is exploitation threshold high? (Auth/Config)
π **Threshold**: **LOW**. No authentication needed. Direct URL access to `wan.htm` is sufficient. Easy to exploit remotely.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π§ͺ **Exploits**: Yes. Public PoC exists: `dlkploit600` (Python script). π Also detectable via ProjectDiscovery Nuclei templates.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Use `dlkploit600.py` with `-H [target]`. Or scan with Nuclei CVE-2019-13101 template. Look for unauthenticated access to `/wan.htm`.
π§ **Workaround**: If no patch: 1. Block external access to router admin interface. 2. Change default admin credentials (if applicable). 3. Disable remote management features.
Q10Is it urgent? (Priority Suggestion)
β‘ **Urgency**: **HIGH**. Critical flaw (no auth needed) affecting common home routers. Public exploits available. Patch immediately or isolate device.