Submit #516795: D-Link DIR-618 Bx 2.02 Improper Access Controlsinfo

TitleD-Link DIR-618 Bx 2.02 Improper Access Controls
DescriptionAn improper access control vulnerability exists in the web management interface of DIR-618 Bx 2.02. By sending a specially crafted unauthenticated HTTP POST request to the goform endpoint with the header set to formVirtualServ, an attacker can set the virtual service of the device.
Source⚠️ https://lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formVirtualServ-1b053a41781f80b28443daabf03c0825?pvs=4
User
 yhryhryhr_backup (UID 65053)
Submission03/08/2025 12:07 (1 Year ago)
Moderation03/20/2025 10:52 (12 days later)
StatusAccepted
VulDB entry300167 [D-Link DIR-618/DIR-605L 2.02/3.02 /goform/formVirtualServ access control]
Points14

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!