Overview

• Manufacturer's website information：http://www.dlink.com.cn/
• Firmware download address ：http://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-823G

Affected version

DIR823G_V1.0.2B05_20181207

Vulnerability details

An improper access control vulnerability exists in the web management interface of DIR823G_V1.0.2B05_20181207. By sending a specially crafted unauthenticated HTTP POST request to the /HNAP1/ endpoint with the SOAPAction header set to SetUpnpSettings, an attacker can enable or disable the Upnp service of the device.

POC