CVE-2014-100005 - D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability

Vulnerability Name

D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability

Description

D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.

Additional Notes

https://legacy.us.dlink.com/pages/product.aspx?id=4587b63118524aec911191cc81605283

https://nvd.nist.gov/vuln/detail/CVE-2014-100005