Cleartext Password Storage Vulnerability in D-Link DSR Routers
CVE-2013-7005

Currently unrated

Key Information:

Vendor

D-Link
Status
Dsr-150 Firmware
Dsr-150
Vendor
CVE Published:
19 December 2013

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2013-7005?

The D-Link DSR series routers exhibit a vulnerability where account passwords are stored in cleartext within configuration files. This flaw allows local users with access to the system to easily retrieve sensitive information from the /tmp/teamf1.cfg.ascii file by reading the Users[#]['Password'] fields. This security oversight can lead to unauthorized access and exploitation of user credentials, necessitating immediate action to secure affected devices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2013-7005 - Proof of Concept

References

http://www.exploit-db.com/exploits/30061
exploitx_refsource_EXPLOIT-DB

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.