This vulnerability permits an attacker to connect to the device with administrator permissions. Exploitation requires that another user is already logged in as an administrator. Once that is the case, an attacker merely needs to connect to the login page; at that point, they are logged in to the web interface with administrator permissions.
D-Link DSL-2740B Router
This vulnerability allows an attacker to bypass certain security restrictions on the system and gain unauthorized access to it.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect this vulnerability.
- 19789 - D-Link DSL-2740B login.cgi Bypass Vulnerability (Zero-Day)
Disable remote administration on the affected device to minimize risk.