1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. D-Link DIR-605 Router Information Disclosure Vulnerability

Known Exploited Vulnerabilities CVE-2021-40655 Mappings

An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2021-40655 D-Link DIR-605 Router Information Disclosure Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
This vulnerability is exploited when an adversary forges a post request to the / get cfg.php page. The POST request could enable the adversary to obtain username and password information on the router.
References
  1. https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-d-link.html
  2. https://www.tenable.com/plugins/nessus/197740