Intrusion Prevention

D-Link.Web.Interface.Backdoor.Authentication.Bypass

Description

This indicates an attack attempt against a Security Bypass vulnerability in D-link WebInterface.
The vulnerability is caused by a design issue when the vulnerable software handles a http request with xmlset_roodkcableoj28840ybtide User-Agent HTTP header. It allows a remote attacker to bypass authentication via a crafted http request.

Affected Products

DIR-100
DIR-120
DI-624S
DI-524UP
DI-604S
DI-604UP
DI-604+
TM-G5240
BRL-04R
BRL-04UR
BRL-04CW

Impact

System Compromise: Remote attacker can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for suggested workaround.
http://www.dlink.com/uk/en/support/security

CVE References

CVE-2013-6026