The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security vulnerabilities affecting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog due to confirmed active exploitation. Federal agencies are urged to apply vendor-provided mitigations by June 6, 2024, to address these threats.
The first vulnerability is a cross-site request forgery (CSRF) flaw in D-Link DIR-600 routers. It allows attackers to change the router's configuration by riding an existing administrator session: a logged-in administrator who visits an attacker-controlled page causes the browser to submit a configuration change to the router on the attacker's behalf.
The second vulnerability, CVE-2021-40655, is an information disclosure flaw in D-Link DIR-605 routers. Attackers can exploit this weakness to obtain sensitive information, such as usernames and passwords, by forging an HTTP POST request to the /getcfg.php page.