A combination of vulnerabilities in D-Link’s DIR-300 and DIR-600 routers could allow an attacker to inject arbitrary shell commands and ultimately compromise the device, according to German security researcher Michael Messner who publicly disclosed the flaw on his personal blog Monday. Read More ..
The root of the flaw lies in the routers’ missing access restrictions and missing input validation in the command parameter. Messner claims even unauthenticated users can target routers, trick them into landing on their own website and then execute malicious commands by injecting scripts.
“If you combine the plaintext credential vulnerability with the unauthenticated OS command injection vulnerability you will … extract the admin password from every vulnerable device,” Messner writes.