D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi
Description
D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requests. Attackers can send requests to /my_cgi.cgi with table_name values like admin_user, wireless_settings, and wireless_security to extract administrative credentials and wireless network keys in clear text.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
D-Link DIR-601 firmware 2.02NA exposes administrative credentials and wireless keys via unauthenticated POST requests to /my_cgi.cgi by manipulating the table_name parameter.
Vulnerability
The D-Link DIR-601 router running firmware version 2.02NA (and possibly earlier) contains a credential disclosure vulnerability in the my_cgi.cgi endpoint. An unauthenticated attacker can send a POST request with a crafted table_name parameter to retrieve sensitive configuration data. The endpoint is intended for the Captcha function but fails to restrict which internal tables can be queried. By specifying values such as admin_user, wireless_settings, wireless_security, and wireless_wpa_settings, the device returns administrative credentials and wireless network keys in clear text [1].
Exploitation
An attacker with network access to the router (typically on the local network, as the management interface is usually not exposed to the internet) can exploit this without authentication. The exploit involves sending a POST request to /my_cgi.cgi with request=no_auth&request=load_settings&table_name=create_auth_pic&table_name=admin_user (or other table names). The server responds with an XML document containing the requested configuration data, including the admin password and wireless pre-shared key [1]. No user interaction or special privileges are required.
Impact
Successful exploitation allows an unauthenticated attacker to obtain the router's administrative credentials and wireless network security keys in plaintext. This compromises the confidentiality of the device configuration and the wireless network. An attacker could then log into the router's web interface with full administrative privileges, change settings, or pivot to other devices on the network. The wireless key disclosure also enables unauthorized access to the Wi-Fi network [1].
Mitigation
D-Link has not released a firmware update to address this vulnerability. The DIR-601 is listed as a legacy product that has reached end-of-support (EOS) and no longer receives firmware updates [4]. Users are advised to replace the device with a supported model. As a workaround, restrict access to the router's management interface to trusted devices only, and ensure the wireless network uses strong encryption (WPA2/WPA3) with a unique key. The vulnerability is not known to be listed in CISA's Known Exploited Vulnerabilities catalog.
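With no firmware fix available, monitoring for the request shape described under Exploitation is one of the few controls left. The following is an added example, not code from the advisory or from D-Link: a check over captured HTTP requests that flags unauthenticated `load_settings` calls naming a sensitive table. It assumes request bodies are available from a packet capture or proxy on the LAN, that a legitimate Captcha request names only `create_auth_pic`, and the sample records are constructed.

```python
from urllib.parse import parse_qs

# Table names the advisory lists as returning credentials or Wi-Fi keys.
SENSITIVE_TABLES = {"admin_user", "wireless_settings",
                    "wireless_security", "wireless_wpa_settings"}

def classify(method, path, body):
    """Return sorted sensitive table names requested without auth, else []."""
    if method.upper() != "POST" or path.split("?", 1)[0] != "/my_cgi.cgi":
        return []
    # parse_qs percent-decodes names and values and keeps every value of a
    # repeated key. The advisory's request repeats `request` and `table_name`,
    # so a check on the first value only would see create_auth_pic and miss
    # the admin_user that follows it.
    params = parse_qs(body, keep_blank_values=True)
    if "no_auth" not in params.get("request", []):
        return []
    tables = {t.strip() for t in params.get("table_name", [])}
    return sorted(tables & SENSITIVE_TABLES)

def scan(records):
    """records: iterable of (src_ip, method, path, body). Yields alerts."""
    for src, method, path, body in records:
        hits = classify(method, path, body)
        if hits:
            yield {"src": src, "tables": hits}

# Constructed sample records (not real traffic); private RFC 1918 addresses.
SAMPLE = [
    ("192.168.0.23", "POST", "/my_cgi.cgi",   # assumed benign Captcha load
     "request=no_auth&request=load_settings&table_name=create_auth_pic"),
    ("192.168.0.77", "POST", "/my_cgi.cgi",
     "request=no_auth&request=load_settings"
     "&table_name=create_auth_pic&table_name=admin_user"),
    ("192.168.0.77", "POST", "/my_cgi.cgi",
     "request=no_auth&request=load_settings"
     "&table_name=create_auth_pic&table_name=wireless_settings"
     "&table_name=wireless_security"),
    ("192.168.0.23", "GET", "/my_cgi.cgi", ""),
]

if __name__ == "__main__":
    for alert in scan(SAMPLE):
        print(alert)
```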
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
References
- www.exploit-db.com/exploits/45002 (mitre, exploit)
- www.vulncheck.com/advisories/d-link-dir601-2-02na-credential-disclosure-via-my-cgi-cgi (mitre, third-party-advisory)
- ca.dlink.com (mitre, product)
- support.dlink.ca/ProductInfo.aspx (mitre, product)
- www.packetlabs.net (mitre, product)