D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability
Description
D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the web management interface, which listens on TCP port 80 by default. A specially crafted login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19549.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Network-adjacent attackers can bypass authentication on D-Link DIR-2640 routers via a specially crafted login request to the web management interface.
Vulnerability
The vulnerability resides in the HNAP LoginPassword functionality of the web management interface on D-Link DIR-2640 routers, which listens on TCP port 80 by default. A specially crafted login request can cause authentication to succeed without providing proper credentials. Affected firmware versions are v1.11B02 and v1.11B02 Beta01 (and below) on hardware revision Ax. [1][2]
Exploitation
An attacker positioned on the same network as the router (network-adjacent) can exploit this vulnerability without any authentication or user interaction. The attacker sends a specially crafted login request to the web management interface, which bypasses the authentication check. [2]
Impact
Successful exploitation allows the attacker to bypass authentication and gain administrative access to the router's management interface. According to the CVSS vector (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N), the impact is limited to integrity compromise; the attacker can modify router settings but cannot read sensitive data or cause a denial of service. [2]
Mitigation
D-Link has released a hotfix firmware version v1.11B02_Beta_Hotfix to address this vulnerability. Users are advised to update to the latest firmware available from D-Link's support page. No workaround is provided. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 2
Patches: 0
No patches discovered yet.
References
- [1] supportannouncement.us.dlink.com/announcement/publication.aspx (mitre, vendor-advisory)
- [2] www.zerodayinitiative.com/advisories/ZDI-23-544/ (mitre, x_research-advisory)