ZDI-CAN-16142: D-Link DIR-1935 HNAP PrivateLogin Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-1935 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-CAN-16142?
The severity of ZDI-CAN-16142 is categorized as high due to the potential for remote exploitation.
How do I fix ZDI-CAN-16142?
To fix ZDI-CAN-16142, update the D-Link DIR-1935 router to the latest firmware version as recommended by D-Link.
Who is affected by ZDI-CAN-16142?
ZDI-CAN-16142 affects installations of D-Link DIR-1935 routers that have not been updated to the patched firmware.
What type of attack does ZDI-CAN-16142 enable?
ZDI-CAN-16142 enables network-adjacent attackers to bypass authentication, allowing unauthorized access to the router.
What is the cause of ZDI-CAN-16142?
ZDI-CAN-16142 is caused by improper handling of HNAP login requests, leading to the ability to exploit the system without authentication.
- agent/references
- agent/softwarecombine
- agent/title
- agent/severity
- agent/type
- agent/description
- agent/source
- agent/tags
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-22-1494
- alias/ZDI-CAN-16142
- alias/CVE-2022-43620
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/event
- vendor/d-link
- canonical/d-link dir-1935 firmware