By kannthu
The "D-Link - Local File Inclusion" module is designed to detect a vulnerability in D-Link devices that allows for local file inclusion. D-Link is a popular brand of networking equipment.
This vulnerability is classified as CWE-522 and has a severity rating of high. It can potentially be exploited to gain unauthorized access to sensitive files on the affected device.
This module was authored by dhiyaneshDK.
If successfully exploited, the local file inclusion vulnerability in D-Link devices can allow an attacker to read sensitive files that are stored on the device. This could include configuration files, credentials, or other sensitive information.
By gaining access to these files, an attacker may be able to further compromise the device or gain unauthorized access to other systems on the network.
The "D-Link - Local File Inclusion" module works by sending a POST request to the "/cgi-bin/webproc" endpoint on the target D-Link device. It then applies matching conditions to determine if the vulnerability is present.
One of the matching conditions checks the response body against the regular expression "root:.*:0:0:", which matches the root account entry of a Unix passwd file. If the pattern is found, it indicates that the device is vulnerable to local file inclusion.
Another matching condition checks the response status code, ensuring that it is 200. If both matching conditions are met, the module reports the vulnerability.
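The two matching conditions above can be replayed offline against recorded responses when triaging a finding. The following is an added example, not the module's or Vidoc's own code: `module_matches` applies the page's two conditions, while `passwd_entries`, `triage` and the sample responses are hypothetical names and constructed data that go one step further by checking that the matched text really parses as passwd records.

```python
import re

# The module's body matcher, as given on the page.
BODY_PATTERN = re.compile(r"root:.*:0:0:")

def module_matches(status, body):
    """Both conditions from the page must hold: status 200 AND the body regex."""
    return status == 200 and BODY_PATTERN.search(body) is not None

def passwd_entries(body):
    """Stricter triage step (an addition, not part of the module): keep only
    lines that parse as passwd records, i.e. 7 colon-separated fields with
    a non-empty user name and numeric UID and GID."""
    entries = []
    for line in body.splitlines():
        fields = line.strip().split(":")
        if len(fields) == 7 and fields[0] and fields[2].isdigit() and fields[3].isdigit():
            entries.append({"user": fields[0], "uid": int(fields[2]),
                            "gid": int(fields[3]), "shell": fields[6]})
    return entries

def triage(status, body):
    """Classify a recorded response: no-finding, needs-review or confirmed."""
    if not module_matches(status, body):
        return "no-finding"
    has_root = any(e["user"] == "root" and e["uid"] == 0 for e in passwd_entries(body))
    # The regex alone also fires on prose that merely quotes a passwd line.
    return "confirmed" if has_root else "needs-review"

# Constructed sample responses (not captured from any real device).
SAMPLES = {
    "passwd_disclosed": (200, "root:x:0:0:root:/root:/bin/sh\nnobody:x:99:99:nobody:/:/bin/false\n"),
    "login_page": (200, "<html><title>Login</title></html>"),
    "error_with_passwd": (404, "root:x:0:0:root:/root:/bin/sh\n"),
    "help_text": (200, "<p>An entry looks like root:x:0:0: followed by a home directory.</p>"),
}

if __name__ == "__main__":
    for name, (status, body) in SAMPLES.items():
        print(f"{name:18} -> {triage(status, body)}")
```

The `help_text` sample satisfies both of the module's conditions yet contains no passwd record, which is the kind of match worth a manual look before the finding is reported.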
It is important to note that this module is just one test case that can be performed as part of a larger scanning process using the Vidoc platform.
For more information about this vulnerability, you can refer to the reference provided.
Metadata: max-request: 1