CVE-2013-6026 Information

Description

The web interface on D-Link DIR-100 DIR-120 DI-624S DI-524UP DI-604S DI-604UP DI-604+ and TM-G5240 routers; Planex BRL-04R BRL-04UR and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header as exploited in the wild in October 2013.

Reference

http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/ http://www.dlink.com/uk/en/support/security http://www.kb.cert.org/vuls/id/248083